sio

Members
  • Content count

    23

Everything posted by sio

  1. Yes, but not right away... the movers are coming Monday morning... as for the transfer, I'll see to that once I've arrived at my destination. I'll let you know when I have internet again. Thank you.
  2. Good evening and thank you. I had updated the drivers in the early afternoon... I cleaned my computer in the late afternoon, and when I plugged it back in, the screen was full of flickering and it would not go past the startup screen. This evening I removed the graphics card, and now there are no more bright dots on the screen and, for the moment, everything works. I'm going to try the games.
  3. Hello everyone, the computer crashed yesterday during a game: black screen, the monitor is no longer recognized and goes into standby. It restarts fine and normally, and on re-testing it crashes again. Videos play, card games work, Facebook games work, but games like Trackmania and Barbie crash. Last night I noticed flickering dots that seem to scroll from the bottom to the top on the left side of the screen. I'm attaching my config: Thanks in advance for your help. Latest info: a crash in the mail client, screen black and disconnected. On restart, fixed white dots appear on the screen... One very last detail: another crash on the internet, with the following message displayed: "VPU RECOVER a réinitialisé votre accélérateur graphique car celui-ci ne répondait plus aux commandes du pilotes d'affichage graphique" ???
  4. Thank you once again for the time you spent and for your kind help.
  5. All processes killed ========== OTL ==========
     Other symptoms? Nothing that corresponds to an infection, just one thing I don't know how to do... after reinstalling Windows on the computer, at startup I get a prompt to choose my OS. Since the one that works is the second in the list, it has to be selected manually... I can't find the boot.ini file (even with hidden files shown) so that the choice is made automatically?
  6. No, I don't know them! And all three of them are empty... I don't know whether this is related, but I had to reinstall Windows Home Edition because the HAL.DLL file was missing!
  7. ComboFix 11-01-22.03 - mp 23/01/2011 13:02:46.2.1 - x86 Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.2047.1636 [GMT 1:00]
  8. ComboFix 11-01-22.02 - mp 23/01/2011 9:52.1.1 - x86 Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.2047.1659 [GMT 1:00]
2011-01-20 19:17 -------- d-----w- c:\documents and settings\mp\Application Data\xssendcs3fowqcycl2zhvzayrqotgfkc3watl 2011-01-19 05:53 . 2011-01-20 19:17 -------- d-----w- c:\documents and settings\mp\Application Data\xssendgvmxa1l1sbvxqipmbpchwggpwpwodpb 2011-01-18 17:15 . 2011-01-20 19:17 -------- d-----w- c:\documents and settings\mp\Application Data\xssendqeuatxqvdmdxi3tjxjsgepmhb3kxxaa 2011-01-18 12:11 . 2011-01-20 19:17 -------- d-----w- c:\documents and settings\mp\Application Data\xssendcagvn1eeay2ctjckdz2vywaxfqipybm 2011-01-18 07:08 . 2011-01-20 19:17 -------- d-----w- c:\documents and settings\mp\Application Data\xssendxc31xh3vgwvrsp2ph3cnxstbubcjlpy 2011-01-17 17:16 . 2011-01-20 19:17 -------- d-----w- c:\documents and settings\mp\Application Data\xssendwojmhxxgkgtctseyljkkcugxkbbvio1 2011-01-17 12:12 . 2011-01-20 19:17 -------- d-----w- c:\documents and settings\mp\Application Data\xssendekayrkahkt3smrszaqlsfec3xxptby2 2011-01-17 06:22 . 2011-01-20 19:17 -------- d-----w- c:\documents and settings\mp\Application Data\xssendeniqfktkbvbm3krudyyylglnucznbjw 2011-01-17 06:22 . 2011-01-19 10:57 -------- d-----w- c:\program files\win 2011-01-16 12:18 . 2011-01-20 19:17 -------- d-----w- c:\documents and settings\mp\Application Data\xssendwi2kbfserbmhaornvncneshh13ratqe 2011-01-16 07:14 . 2011-01-20 19:17 -------- d-----w- c:\documents and settings\mp\Application Data\xssendeyjluyhugzimi1njrafla3w1kzcvzxa 2011-01-15 19:12 . 2011-01-20 19:17 -------- d-----w- c:\documents and settings\mp\Application Data\xssendjmseffzijrefavxjakxkki3dxtgrozk 2011-01-15 14:09 . 2011-01-20 19:17 -------- d-----w- c:\documents and settings\mp\Application Data\xssendrn1miffrrkmterrjmzgiesrt1kpeesj 2011-01-15 14:09 . 2011-01-21 20:08 -------- d-----w- c:\program files\windows 2011-01-15 14:09 . 2011-01-21 18:40 -------- d-----w- c:\program files\Bfipprnl£Â½´Ëohaffmxb.exe . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 
2010-11-18 18:12 . 2010-11-04 09:59 86016 ----a-w- c:\windows\system32\isign32.dll 2010-11-09 14:52 . 2002-08-30 12:00 249856 ----a-w- c:\windows\system32\odbc32.dll 2010-11-06 00:21 . 2006-06-23 12:28 916480 ----a-w- c:\windows\system32\wininet.dll 2010-11-06 00:21 . 2002-08-30 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll 2010-11-06 00:21 . 2002-08-30 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl 2010-11-03 12:26 . 2004-08-19 22:56 385024 ----a-w- c:\windows\system32\html.iec 2010-11-02 15:17 . 2002-08-30 12:00 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys 2010-10-28 13:14 . 2002-08-30 12:00 290048 ----a-w- c:\windows\system32\atmfd.dll 2010-10-26 14:07 . 2002-08-30 12:00 1853440 ----a-w- c:\windows\system32\win32k.sys . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-08-17 281768] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360] [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Mozilla Firefox\\firefox.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [21/01/2011 06:43 135336] --- Autres Services/Pilotes en mémoire --- *NewlyCreated* - HTTPFILTER . Contenu du dossier 'Tâches planifiées' 2011-01-23 c:\windows\Tasks\User_Feed_Synchronization-{72045675-8193-4D2F-A529-1D566F7874F8}.job - c:\windows\system32\msfeedssync.exe [2009-03-08 03:31] . . 
------- Examen supplémentaire ------- . uStart Page = hxxp://www.google.fr/ IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.zebulon.fr/scan8/oscan8.cab FF - ProfilePath - c:\documents and settings\mp\Application Data\Mozilla\Firefox\Profiles\22jq9e28.default\ FF - prefs.js: network.proxy.type - 0 FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: YouTube to MP3: youtube2mp3@mondayx.de - %profile%\extensions\youtube2mp3@mondayx.de . - - - - ORPHELINS SUPPRIMES - - - - HKLM-Run-Cmaudio - cmicnfg.cpl ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2011-01-23 09:59 Windows 5.1.2600 Service Pack 3 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... c:\documents and settings\mp\Application Data\Mozilla\Firefox\Profiles\22jq9e28.default\pluginreg.dat.bak 1838 bytes Scan terminé avec succès Fichiers cachés: 1 ************************************************************************** . 
--------------------- CLES DE REGISTRE BLOQUEES --------------------- [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\WINDOWS\\System32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\WINDOWS\\System32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'winlogon.exe'(612) c:\windows\system32\Ati2evxx.dll . Heure de fin: 2011-01-23 10:02:35 ComboFix-quarantined-files.txt 2011-01-23 09:02 Avant-CF: 1 476 870 144 octets libres Après-CF: 1 572 884 480 octets libres WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS.0 [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(1)\WINDOWS.0="Microsoft Windows XP dition familiale" /fastdetect multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP dition familiale" /fastdetect /NoExecute=OptIn - - End Of File - - 866DDFFEEB3688588D23E6BCE1B74B16
  9. OTL report OTL logfile created on: 22/01/2011 17:29:56 - Run 2 OTL by OldTimer - Version 3.2.20.3 Folder = C:\Documents and Settings\mp\Bureau Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 84,00% Memory free 4,00 Gb Paging File | 4,00 Gb Available in Paging File | 94,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 9,32 Gb Total Space | 1,49 Gb Free Space | 15,98% Space Free | Partition Type: NTFS Drive E: | 18,64 Gb Total Space | 16,48 Gb Free Space | 88,44% Space Free | Partition Type: NTFS Computer Name: ORDI2 | User Name: mp | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Documents and Settings\mp\Bureau\OTL.exe (OldTimer Tools) PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) ========== Modules (SafeList) ========== MOD - C:\Documents and Settings\mp\Bureau\OTL.exe (OldTimer Tools) MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (HidServ) -- File not found SRV - (AppMgmt) -- File not found SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - 
(AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (ose) -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH) DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH) DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH) DRV - (avgio) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH) DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation) DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..extensions.enabledItems: youtube2mp3@mondayx.de:1.0.7 FF - prefs.js..network.proxy.type: 0 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/12 10:11:38 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/12 09:48:07 | 000,000,000 | ---D | M] [2010/11/07 10:17:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\mp\Application Data\Mozilla\Extensions [2011/01/21 07:06:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\mp\Application Data\Mozilla\Firefox\Profiles\22jq9e28.default\extensions [2010/11/07 10:20:17 | 000,000,000 | ---D | M] (YouTube to MP3) -- C:\Documents and Settings\mp\Application Data\Mozilla\Firefox\Profiles\22jq9e28.default\extensions\youtube2mp3@mondayx.de [2010/11/07 10:16:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program 
Files\Mozilla Firefox\extensions [2010/12/12 09:47:56 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml [2010/12/12 09:47:56 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml [2010/12/12 09:47:56 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml [2010/12/12 09:47:56 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml [2010/12/12 09:47:56 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml O1 HOSTS File: ([2002/08/30 13:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [Cmaudio] File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://www.zebulon.fr/scan8/oscan8.cab (BDSCANONLINE Control) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1295553909250 (WUWebControl Class) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.) O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.) 
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Program Files\Bfipprnl£Â½´Ëohaffmxb.exe\ohaffmxb.exe) - File not found O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) 
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010/11/04 11:02:48 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2009/05/05 21:43:57 | 000,000,000 | ---- | M] () - E:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: AppMgmt - File not found NetSvcs: HidServ - File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.) Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.) Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.) 
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll () CREATERESTOREPOINT Restore point Set: OTL Restore Point (16902109354000384) ========== Files/Folders - Created Within 30 Days ========== [2011/01/22 17:04:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors [2011/01/22 17:04:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\NoClone [2011/01/22 13:39:56 | 000,000,000 | ---D | C] -- C:\Program Files\NoClone [2011/01/22 11:28:34 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2011/01/22 11:28:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes' Anti-Malware [2011/01/22 11:28:28 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2011/01/22 11:28:28 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2011/01/22 11:27:53 | 007,734,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\mp\Mes documents\malwarebytes-anti-malware_malwarebytes_anti-malware_1.50.1_francais_215092.exe [2011/01/22 11:23:44 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\mp\Recent [2011/01/22 11:15:01 | 000,953,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll [2011/01/22 11:15:00 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc42.dll [2011/01/22 11:14:31 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.dll [2011/01/22 11:12:51 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys [2011/01/22 11:07:01 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe [2011/01/21 19:35:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch [2011/01/21 19:09:33 | 000,000,000 | ---D | C] -- C:\Program Files\msn [2011/01/21 
19:09:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas [2011/01/21 19:09:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\fr [2011/01/21 19:00:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic [2011/01/21 17:41:46 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2011/01/21 17:38:02 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\mp\IECompatCache [2011/01/21 17:36:46 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\mp\PrivacIE [2011/01/21 17:23:15 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\mp\IETldCache [2011/01/21 17:14:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates [2011/01/21 17:14:07 | 011,080,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll [2011/01/21 17:14:07 | 001,991,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll [2011/01/21 17:14:07 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll [2011/01/21 17:14:07 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll [2011/01/21 17:14:07 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll [2011/01/21 17:13:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM [2011/01/21 17:10:43 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8 [2011/01/21 17:10:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\fr-FR [2011/01/21 16:48:22 | 001,001,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvdmoe2.dll [2011/01/21 16:48:22 | 000,809,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvdmod.dll [2011/01/21 16:48:22 | 000,258,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvds32.ax [2011/01/21 16:48:21 | 000,897,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmspdmoe.dll [2011/01/21 16:48:21 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmstream.dll 
[2011/01/21 16:48:21 | 000,278,559 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmv8ds32.ax [2011/01/21 16:48:20 | 001,119,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmsdmoe2.dll [2011/01/21 16:48:20 | 000,759,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmsdmod.dll [2011/01/21 16:48:20 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmsdmoe.dll [2011/01/21 16:48:20 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpui.dll [2011/01/21 16:48:19 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpns.dll [2011/01/21 16:48:19 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpshell.dll [2011/01/21 16:48:18 | 002,985,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmploc.dll [2011/01/21 16:48:18 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe [2011/01/21 16:48:17 | 000,276,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmphoto.dll [2011/01/21 16:48:17 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpband.dll [2011/01/21 16:48:17 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpcore.dll [2011/01/21 16:48:17 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpcd.dll [2011/01/21 16:48:15 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpasf.dll [2011/01/21 16:48:15 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmp.ocx [2011/01/21 16:48:10 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmidx.dll [2011/01/21 16:48:09 | 000,670,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmadmoe.dll [2011/01/21 16:48:09 | 000,408,064 | ---- | C] (Microsoft 
Corporation) -- C:\WINDOWS\System32\dllcache\wmadmod.dll [2011/01/21 16:48:09 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmasf.dll [2011/01/21 16:48:09 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmerror.dll [2011/01/21 16:48:09 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmdmlog.dll [2011/01/21 16:48:09 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmdmps.dll [2011/01/21 16:48:08 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll [2011/01/21 16:48:04 | 000,712,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecs.dll [2011/01/21 16:48:04 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecsext.dll [2011/01/21 16:47:53 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unregmp2.exe [2011/01/21 16:47:51 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll [2011/01/21 16:47:34 | 000,086,016 | ---- | C] (Sipro Lab Telecom Inc.) 
-- C:\WINDOWS\System32\dllcache\sl_anet.acm [2011/01/21 16:47:33 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shmedia.dll [2011/01/21 16:47:26 | 000,778,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe [2011/01/21 16:47:26 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe [2011/01/21 16:47:21 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll [2011/01/21 16:47:19 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasqec.dll [2011/01/21 16:47:18 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qutil.dll [2011/01/21 16:47:16 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll [2011/01/21 16:47:15 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll [2011/01/21 16:47:13 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\photometadatahandler.dll [2011/01/21 16:47:09 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\onex.dll [2011/01/21 16:46:57 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npdrmv2.dll [2011/01/21 16:46:57 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npwmsdrm.dll [2011/01/21 16:46:53 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll [2011/01/21 16:46:53 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe [2011/01/21 16:46:53 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll [2011/01/21 16:46:52 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml6r.dll [2011/01/21 16:46:52 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll [2011/01/21 16:46:51 | 001,372,672 | ---- | C] (Microsoft Corporation) -- 
There is only one report...
  10. I didn't post the right report... I'm hopeless! Here it is:

      Malwarebytes' Anti-Malware 1.50.1.1100
      www.malwarebytes.org

      Version de la base de données: 5564

      Windows 5.1.2600 Service Pack 2
      Internet Explorer 6.0.2900.2180

      21/01/2011 16:10:54
      mbam-log-2011-01-21 (16-10-54).txt

      Type d'examen: Examen rapide
      Elément(s) analysé(s): 174782
      Temps écoulé: 18 minute(s), 51 seconde(s)

      Processus mémoire infecté(s): 0
      Module(s) mémoire infecté(s): 0
      Clé(s) du Registre infectée(s): 0
      Valeur(s) du Registre infectée(s): 0
      Elément(s) de données du Registre infecté(s): 0
      Dossier(s) infecté(s): 0
      Fichier(s) infecté(s): 1

      Processus mémoire infecté(s):
      (Aucun élément nuisible détecté)

      Module(s) mémoire infecté(s):
      (Aucun élément nuisible détecté)

      Clé(s) du Registre infectée(s):
      (Aucun élément nuisible détecté)

      Valeur(s) du Registre infectée(s):
      (Aucun élément nuisible détecté)

      Elément(s) de données du Registre infecté(s):
      (Aucun élément nuisible détecté)

      Dossier(s) infecté(s):
      (Aucun élément nuisible détecté)

      Fichier(s) infecté(s):
      c:\documents and settings\mp\menu démarrer\programmes\démarrage\ohaffmxb.exe (Spyware.Passwords.XGen) -> Delete on reboot.

      ---------------------

      I ran OTL as requested... and it seems to be stuck on HKEY_LOCAL_MACHINE ... RunOnceKey ???
  11. Hello, here are the requested reports:

      Results of screen317's Security Check version 0.99.8
      Windows XP Service Pack 3
      Internet Explorer 8
      ``````````````````````````````
      Antivirus/Firewall Check:

      Avira AntiVir Personal - Free Antivirus
      Avira successfully updated!
      ```````````````````````````````
      Anti-malware/Other Utilities Check:

      Malwarebytes' Anti-Malware
      CCleaner
      Adobe Flash Player 10.1.102.64
      Mozilla Firefox (3.6.13)
      ````````````````````````````````
      Process Check:
      objlist.exe by Laurent

      Avira Antivir avgnt.exe
      Avira Antivir avguard.exe
      ``````````End of Log````````````

      --------------------------------------------------------------------------------------------

      Malwarebytes' Anti-Malware 1.50.1.1100
      www.malwarebytes.org

      Version de la base de données: 5570

      Windows 5.1.2600 Service Pack 3
      Internet Explorer 8.0.6001.18702

      22/01/2011 11:36:22
      mbam-log-2011-01-22 (11-36-22).txt

      Type d'examen: Examen rapide
      Elément(s) analysé(s): 171054
      Temps écoulé: 7 minute(s), 6 seconde(s)

      Processus mémoire infecté(s): 0
      Module(s) mémoire infecté(s): 0
      Clé(s) du Registre infectée(s): 0
      Valeur(s) du Registre infectée(s): 0
      Elément(s) de données du Registre infecté(s): 0
      Dossier(s) infecté(s): 0
      Fichier(s) infecté(s): 0

      Processus mémoire infecté(s):
      (Aucun élément nuisible détecté)

      Module(s) mémoire infecté(s):
      (Aucun élément nuisible détecté)

      Clé(s) du Registre infectée(s):
      (Aucun élément nuisible détecté)

      Valeur(s) du Registre infectée(s):
      (Aucun élément nuisible détecté)

      Elément(s) de données du Registre infecté(s):
      (Aucun élément nuisible détecté)

      Dossier(s) infecté(s):
      (Aucun élément nuisible détecté)

      Fichier(s) infecté(s):
      (Aucun élément nuisible détecté)

      ---------------------------------------------------------------
  12. Good evening, I'm calling once again on the generous experts in eradication. This time it's my daughters' computer that has some slowness, but nothing catastrophic yet. Since I had to "treat" mine 10 days ago, I've started the treatment :) ANTIVIR has been installed and a scan run. MALWAREBYTE has been done. OTL is installed on the desktop. Here is the ANTIVIR report:
'smss.exe' - '2' module(s) sont contrôlés La recherche sur les secteurs d'amorçage maître commence : Secteur d'amorçage maître HD0 [iNFO] Aucun virus trouvé ! Secteur d'amorçage maître HD1 [iNFO] Aucun virus trouvé ! La recherche sur les secteurs d'amorçage commence : Secteur d'amorçage 'C:\' [iNFO] Aucun virus trouvé ! Secteur d'amorçage 'E:\' [iNFO] Aucun virus trouvé ! La recherche sur les renvois aux fichiers exécutables (registre) commence : C:\Documents and Settings\mp\Menu Démarrer\Programmes\Démarrage\ohaffmxb.exe [RESULTAT] Contient le code suspect : HEUR/Malware --> Object [RESULTAT] Contient le code suspect : HEUR/Malware Le registre a été contrôlé ( '307' fichiers). La recherche sur les fichiers sélectionnés commence : Recherche débutant dans 'C:\' <HDD1-10Go> C:\Documents and Settings\mp\Menu Démarrer\Programmes\Démarrage\ohaffmxb.exe [RESULTAT] Contient le code suspect : HEUR/Malware --> Object [RESULTAT] Contient le code suspect : HEUR/Malware C:\System Volume Information\_restore{1ECBE503-7938-48C0-A347-1E59476836F3}\RP170\A0014921.exe [RESULTAT] Contient le code suspect : HEUR/Malware --> Object [RESULTAT] Contient le code suspect : HEUR/Malware Recherche débutant dans 'E:\' <FILLES> E:\attente\Game Collection\Iggle Pop!\IgglePop.exe [RESULTAT] Contient le cheval de Troie TR/PSW.Magania.eeft.1 Début de la désinfection : E:\attente\Game Collection\Iggle Pop!\IgglePop.exe [RESULTAT] Contient le cheval de Troie TR/PSW.Magania.eeft.1 [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '468a4412.qua' ! C:\System Volume Information\_restore{1ECBE503-7938-48C0-A347-1E59476836F3}\RP170\A0014921.exe [RESULTAT] Contient le code suspect : HEUR/Malware [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '5ed46b7e.qua' ! 
C:\Documents and Settings\mp\Menu Démarrer\Programmes\Démarrage\ohaffmxb.exe [RESULTAT] Contient le code suspect : HEUR/Malware [REMARQUE] L’entrée de registre <HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Startup> a été supprimée. [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '0c78315e.qua' ! Fin de la recherche : vendredi 21 janvier 2011 20:35 Temps nécessaire: 51:20 Minute(s) La recherche a été effectuée intégralement 4139 Les répertoires ont été contrôlés 135769 Des fichiers ont été contrôlés 1 Des virus ou programmes indésirables ont été trouvés 3 Des fichiers ont été classés comme suspects 0 Des fichiers ont été supprimés 0 Des virus ou programmes indésirables ont été réparés 3 Les fichiers ont été déplacés dans la quarantaine 0 Les fichiers ont été renommés 0 Impossible de scanner des fichiers 135765 Fichiers non infectés 650 Les archives ont été contrôlées 0 Avertissements 3 Consignes 200820 Des objets ont été contrôlés lors du Rootkitscan 1 Des objets cachés ont été trouvés ---------------------- THANK YOU in advance for your help
  13. Thank you for the quality and precision of your help.
  14. All processes killed ========== OTL ========== Service a2AntiMalware stopped successfully! Service a2AntiMalware deleted successfully! C:\Program Files\Emsisoft Anti-Malware\a2service.exe moved successfully. Service Symantec Core LC stopped successfully! Service Symantec Core LC deleted successfully! C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe moved successfully. Service Planificateur LiveUpdate automatique stopped successfully! Service Planificateur LiveUpdate automatique deleted successfully! File C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe File not found not found. Service a2acc stopped successfully! Service a2acc deleted successfully! C:\Program Files\Emsisoft Anti-Malware\a2accx86.sys moved successfully. Service a2injectiondriver stopped successfully! Service a2injectiondriver deleted successfully! C:\Program Files\Emsisoft Anti-Malware\a2dix86.sys moved successfully. Service a2util stopped successfully! Service a2util deleted successfully! C:\Program Files\Emsisoft Anti-Malware\a2util32.sys moved successfully. Service symlcbrd stopped successfully! Service symlcbrd deleted successfully! C:\WINDOWS\system32\drivers\symlcbrd.sys moved successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\a-squared not found. C:\Program Files\Emsisoft Anti-Malware\a2guard.exe moved successfully. Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\ALUAlert deleted successfully. Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\ALUAlert not found. ========== FILES ========== C:\Program Files\Emsisoft Anti-Malware\Signatures folder moved successfully. C:\Program Files\Emsisoft Anti-Malware\Quarantine folder moved successfully. C:\Program Files\Emsisoft Anti-Malware\Logs folder moved successfully. C:\Program Files\Emsisoft Anti-Malware\Languages folder moved successfully. 
C:\Program Files\Emsisoft Anti-Malware\HiJackFree folder moved successfully. C:\Program Files\Emsisoft Anti-Malware folder moved successfully. C:\Program Files\Fichiers communs\Symantec Shared\Security Center folder moved successfully. C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC folder moved successfully. C:\Program Files\Fichiers communs\Symantec Shared folder moved successfully. File\Folder C:\Program Files\Symantec not found. File\Folder C:\WINDOWS\system32\drivers\symlcbrd.sys not found. File\Folder C:\Documents and Settings\All Users\Bureau\Emsisoft Anti-Malware.lnk not found. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: franhemapau ->Temp folder emptied: 116924 bytes ->Temporary Internet Files folder emptied: 149882 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 59027477 bytes ->Google Chrome cache emptied: 0 bytes ->Flash cache emptied: 788 bytes User: LocalService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 967 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 57,00 mb [EMPTYFLASH] User: All Users User: Default User User: franhemapau ->Flash cache emptied: 0 bytes User: LocalService User: NetworkService Total Flash Files Cleaned = 0,00 mb OTL by OldTimer - Version 3.2.20.2 log created on 01132011_210913 Files\Folders moved on Reboot... Registry entries deleted on Reboot... 
Before I jump for joy I'll wait for your verdict, but it is no longer on my C: drive
  15. Thank you for your availability. All processes killed ========== FILES ========== ADS C:\windows\SK@J:C=e.ini deleted successfully. C:\windows\SK@J moved successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: franhemapau ->Temp folder emptied: 978682 bytes ->Temporary Internet Files folder emptied: 287904 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 64081215 bytes ->Google Chrome cache emptied: 0 bytes ->Flash cache emptied: 456 bytes User: LocalService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 3244 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes RecycleBin emptied: 214088627 bytes Total Files Cleaned = 267,00 mb [EMPTYFLASH] User: All Users User: Default User User: franhemapau ->Flash cache emptied: 0 bytes User: LocalService User: NetworkService Total Flash Files Cleaned = 0,00 mb OTL by OldTimer - Version 3.2.20.2 log created on 01132011_184758 Files\Folders moved on Reboot... Registry entries deleted on Reboot... However, nothing works; I still get the same missing-file message ....
  16. Following my problem with pages going crazy, I had installed "Emsisoft Anti-Malware" and I can no longer uninstall it. The following message appears when I click on unins000.exe: """ message file "C:\program files\emisoft anti-malware\unins000.msg" is missing. Please correct the problem or obtain a new copy of the program """ I did try to reinstall the software after downloading it again. During the reinstallation attempt, it tells me: """ C:\program files\emisoft anti-malware\unins001.exe une erreur est survenue en essayant de créer un fichier dans le dossier de destination : accès refusé abandonner / ignorer / réessayer """ So ... what should I do?
  17. THANK YOU very much for the effective action! I had tried this forum once before and it is still just as good ... I will stay vigilant. Have a good evening
  18. Hi again, I disabled and then re-enabled System Restore. I got the message telling me that all previous restore points would be deleted. Do you think that's OK?
  19. Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Version de la base de données: 5486 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 12/01/2011 19:03:08 mbam-log-2011-01-12 (19-03-08).txt Type d'examen: Examen rapide Elément(s) analysé(s): 132737 Temps écoulé: 6 minute(s), 27 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté)
  20. Looking at the day's events in AVIRA ANTIVIR, here is what I found: Dans le fichier 'C:\System Volume Information\_restore{95F405FE-6904-4BE8-9394-709C851504BC}\RP1539\A0271694.exe' un virus ou un programme indésirable 'TR/PSW.Magania.eeft.1' [trojan] a été détecté. Action exécutée : Refuser l'accès This file tried to open every hour, at 15:03, then 16:03, then 17:03 ... that must be what the ads are; my wife didn't see anything appear on the computer today. Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Version de la base de données: 5486 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 12/01/2011 19:03:08 mbam-log-2011-01-12 (19-03-08).txt Type d'examen: Examen rapide Elément(s) analysé(s): 132737 Temps écoulé: 6 minute(s), 27 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté)
  21. Thank you in advance for the time you are devoting to my problem ... OTL report: All processes killed ========== FILES ========== C:\Program Files\cacaoweb folder moved successfully. C:\WINDOWS\BackupIP folder moved successfully. C:\Program Files\Fichiers communs\BOONTY Shared\Service folder moved successfully. C:\Program Files\Fichiers communs\BOONTY Shared folder moved successfully. File\Folder C:\DOCUME~1\FRANHE~1\LOCALS~1\Temp\ddxgb.sys not found. File\Folder C:\Program Files\MyWebSearch not found. C:\Documents and Settings\franhemapau\Application Data\Mozilla\Firefox\Profiles\f2er97tf.default\extensions\cacaoweb@cacaoweb.org\defaults\preferences folder moved successfully. C:\Documents and Settings\franhemapau\Application Data\Mozilla\Firefox\Profiles\f2er97tf.default\extensions\cacaoweb@cacaoweb.org\defaults folder moved successfully. C:\Documents and Settings\franhemapau\Application Data\Mozilla\Firefox\Profiles\f2er97tf.default\extensions\cacaoweb@cacaoweb.org\chrome\skin folder moved successfully. C:\Documents and Settings\franhemapau\Application Data\Mozilla\Firefox\Profiles\f2er97tf.default\extensions\cacaoweb@cacaoweb.org\chrome\locale\fr-FR folder moved successfully. C:\Documents and Settings\franhemapau\Application Data\Mozilla\Firefox\Profiles\f2er97tf.default\extensions\cacaoweb@cacaoweb.org\chrome\locale\es-ES folder moved successfully. C:\Documents and Settings\franhemapau\Application Data\Mozilla\Firefox\Profiles\f2er97tf.default\extensions\cacaoweb@cacaoweb.org\chrome\locale\en-US folder moved successfully. C:\Documents and Settings\franhemapau\Application Data\Mozilla\Firefox\Profiles\f2er97tf.default\extensions\cacaoweb@cacaoweb.org\chrome\locale\de-DE folder moved successfully. C:\Documents and Settings\franhemapau\Application Data\Mozilla\Firefox\Profiles\f2er97tf.default\extensions\cacaoweb@cacaoweb.org\chrome\locale folder moved successfully. 
C:\Documents and Settings\franhemapau\Application Data\Mozilla\Firefox\Profiles\f2er97tf.default\extensions\cacaoweb@cacaoweb.org\chrome\content folder moved successfully. C:\Documents and Settings\franhemapau\Application Data\Mozilla\Firefox\Profiles\f2er97tf.default\extensions\cacaoweb@cacaoweb.org\chrome folder moved successfully. C:\Documents and Settings\franhemapau\Application Data\Mozilla\Firefox\Profiles\f2er97tf.default\extensions\cacaoweb@cacaoweb.org folder moved successfully. C:\Documents and Settings\franhemapau\Application Data\cacaoweb folder moved successfully. ========== OTL ========== No active process named cacaoweb.exe was found! No active process named service.exe was found! Service sdmBackupIP stopped successfully! Service sdmBackupIP deleted successfully! File C:\WINDOWS\BackupIP\service.exe not found. Service Boonty Games stopped successfully! Service Boonty Games deleted successfully! File C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe not found. Service ddxgb stopped successfully! Service ddxgb deleted successfully! File C:\DOCUME~1\FRANHE~1\LOCALS~1\Temp\ddxgb.sys File not found not found. Prefs.js: cacaoweb@cacaoweb.org:1.0.8 removed from extensions.enabledItems Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com deleted successfully. Folder C:\Documents and Settings\franhemapau\Application Data\Mozilla\Firefox\Profiles\f2er97tf.default\extensions\cacaoweb@cacaoweb.org\ not found. Registry value HKEY_USERS\S-1-5-21-1935655697-484061587-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run\\cacaoweb deleted successfully. File C:\Program Files\cacaoweb\cacaoweb.exe not found. Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully. Registry key HKEY_USERS\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found. 
Registry key HKEY_USERS\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions\ not found. Registry key HKEY_USERS\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found. Registry key HKEY_USERS\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions\ not found. Registry key HKEY_USERS\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found. Registry key HKEY_USERS\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions\ not found. Registry key HKEY_USERS\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found. Registry key HKEY_USERS\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions\ not found. Registry key HKEY_USERS\S-1-5-21-1935655697-484061587-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully. Registry key HKEY_USERS\S-1-5-21-1935655697-484061587-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully. Starting removal of ActiveX control {EDFCB7CB-942C-4822-AF14-F0B687409848} C:\windows\Downloaded Program Files\ImageUploader4.inf moved successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{EDFCB7CB-942C-4822-AF14-F0B687409848}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EDFCB7CB-942C-4822-AF14-F0B687409848}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{EDFCB7CB-942C-4822-AF14-F0B687409848}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EDFCB7CB-942C-4822-AF14-F0B687409848}\ not found. File oft XML Parser for Java file:///C:/WINDOWS/Java/classes/xmldso.cab not found. 
Starting removal of ActiveX control Microsoft XML Parser for Java Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\DownloadInformation\\INF . Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\\Boonty Games deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpFolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^NDAS Device Management.lnk\ deleted successfully. C:\windows\pss\NDAS Device Management.lnkCommon Startup moved successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpFolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^sTabLauncher.lnk\ deleted successfully. C:\windows\pss\sTabLauncher.lnkCommon Startup moved successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpFolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^WinKey.lnk\ deleted successfully. C:\windows\pss\WinKey.lnkCommon Startup moved successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\MyWebSearch Email Plugin\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}\ deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}\ not found. 
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}\ deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{30528230-99F7-4BB4-88D8-FA1D4F56A2AB}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30528230-99F7-4BB4-88D8-FA1D4F56A2AB}\ deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Active Setup\Installed Components\{30528230-99F7-4BB4-88D8-FA1D4F56A2AB}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30528230-99F7-4BB4-88D8-FA1D4F56A2AB}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{347B0667-C7ED-429B-BDE3-CC8D3BACAA31}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{347B0667-C7ED-429B-BDE3-CC8D3BACAA31}\ deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Active Setup\Installed Components\{347B0667-C7ED-429B-BDE3-CC8D3BACAA31}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{347B0667-C7ED-429B-BDE3-CC8D3BACAA31}\ not found. C:\windows\000001_.tmp deleted successfully. C:\windows\002426_.tmp deleted successfully. C:\windows\002450_.tmp deleted successfully. C:\windows\005867_.tmp deleted successfully. C:\windows\SET3.tmp deleted successfully. C:\windows\SET7.tmp deleted successfully. C:\windows\SET8C.tmp deleted successfully. C:\windows\SET98.tmp deleted successfully. 
C:\windows\~ACROBAT.TMP deleted successfully. C:\windows\System32\CONFIG.TMP deleted successfully. C:\windows\System32\fxsapi.dll.tmp deleted successfully. C:\windows\System32\fxsst.dll.tmp deleted successfully. C:\windows\System32\iprip.dll.tmp deleted successfully. C:\windows\System32\SET127.tmp deleted successfully. C:\windows\System32\SET12A.tmp deleted successfully. C:\windows\System32\SET136.tmp deleted successfully. C:\windows\System32\SET138.tmp deleted successfully. C:\windows\System32\SET17C.tmp deleted successfully. C:\windows\System32\SET1B.tmp deleted successfully. C:\windows\System32\SET22F.tmp deleted successfully. C:\windows\System32\SET231.tmp deleted successfully. C:\windows\System32\SET23F.tmp deleted successfully. C:\windows\System32\SET33.tmp deleted successfully. C:\windows\System32\SET4C.tmp deleted successfully. ========== REGISTRY ========== Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\cacaoweb\cacaoweb.exe deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\ViewpointMediaPlayer not found. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\\"DisableMonitoring" |"0" /E : value set successfully! HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\\"DisableMonitoring" |"0" /E : value set successfully! 
========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: franhemapau ->Temp folder emptied: 3976425 bytes ->Temporary Internet Files folder emptied: 4445559 bytes ->Java cache emptied: 49175454 bytes ->FireFox cache emptied: 108019493 bytes ->Google Chrome cache emptied: 77161943 bytes ->Flash cache emptied: 3887 bytes User: LocalService ->Temp folder emptied: 66016 bytes ->Temporary Internet Files folder emptied: 579728 bytes User: NetworkService ->Temp folder emptied: 8654 bytes ->Temporary Internet Files folder emptied: 84505 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 397827 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 233,00 mb [EMPTYFLASH] User: All Users User: Default User User: franhemapau ->Flash cache emptied: 0 bytes User: LocalService User: NetworkService Total Flash Files Cleaned = 0,00 mb OTL by OldTimer - Version 3.2.20.1 log created on 01122011_180824 Files\Folders moved on Reboot... Registry entries deleted on Reboot... 
VIRUS TOTAL report:
Antivirus | Version | Last update | Result
AhnLab-V3 | 2011.01.12.01 | 2011.01.12 | -
AntiVir | 7.11.1.110 | 2011.01.12 | -
Antiy-AVL | 2.0.3.7 | 2011.01.12 | -
Avast | 4.8.1351.0 | 2011.01.12 | -
Avast5 | 5.0.677.0 | 2011.01.12 | -
BitDefender | 7.2 | 2011.01.12 | -
CAT-QuickHeal | 11.00 | 2011.01.12 | -
ClamAV | 0.96.4.0 | 2011.01.12 | -
Command | 5.2.11.5 | 2011.01.12 | -
Comodo | 7372 | 2011.01.12 | -
DrWeb | 5.0.2.03300 | 2011.01.12 | -
Emsisoft | 5.1.0.1 | 2011.01.12 | -
eSafe | 7.0.17.0 | 2011.01.12 | -
eTrust-Vet | 36.1.8095 | 2011.01.12 | -
F-Prot | 4.6.2.117 | 2011.01.11 | -
F-Secure | 9.0.16160.0 | 2011.01.12 | -
Fortinet | 4.2.254.0 | 2011.01.10 | -
GData | 21 | 2011.01.12 | -
Ikarus | T3.1.1.97.0 | 2011.01.12 | -
Jiangmin | 13.0.900 | 2011.01.12 | -
K7AntiVirus | 9.75.3523 | 2011.01.12 | -
Kaspersky | 7.0.0.125 | 2011.01.12 | -
McAfee | 5.400.0.1158 | 2011.01.12 | -
McAfee-GW-Edition | 2010.1C | 2011.01.12 | -
Microsoft | 1.6402 | 2011.01.12 | -
NOD32 | 5782 | 2011.01.12 | -
Norman | 6.06.12 | 2011.01.12 | -
nProtect | 2011-01-12.01 | 2011.01.12 | -
Panda | 10.0.2.7 | 2011.01.12 | -
PCTools | 7.0.3.5 | 2011.01.12 | -
Prevx | 3.0 | 2011.01.12 | -
Rising | 22.82.02.03 | 2011.01.12 | -
Sophos | 4.61.0 | 2011.01.12 | -
SUPERAntiSpyware | 4.40.0.1006 | 2011.01.12 | -
Symantec | 20101.3.0.103 | 2011.01.12 | -
TheHacker | 6.7.0.1.113 | 2011.01.11 | -
TrendMicro | 9.120.0.1004 | 2011.01.12 | -
TrendMicro-HouseCall | 9.120.0.1004 | 2011.01.12 | -
VBA32 | 3.12.14.2 | 2011.01.12 | -
VIPRE | 8053 | 2011.01.12 | -
ViRobot | 2011.1.12.4249 | 2011.01.12 | -
VirusBuster | 13.6.142.2 | 2011.01.12 | -
MD5: 3a91ecee2ba6fc9ed09ce0ae0002f9bb
SHA1: 08ab490d3296c510502b342f33bb4652109ded17
SHA256: f110edb6d8d6b20a0fea8238968be3e6123212df74caa60eb589f2c2ca4e7b8b
File size: 56 bytes
Scan date: 2011-01-12 17:31:11 (UTC)
:-? :-? then did the same operation with >> C:\windows\SK@J :-? :-? :-? VIRUS TOTAL does nothing with this file ....
  22. OTL logfile created on: 11/01/2011 22:42:34 - Run 1 OTL by OldTimer - Version 3.2.20.1 Folder = C:\Documents and Settings\franhemapau\Bureau Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 67,00% Memory free 3,00 Gb Paging File | 3,00 Gb Available in Paging File | 80,00% Paging File free Paging file location(s): C:\pagefile.sys 1536 1536 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files Drive C: | 55,89 Gb Total Space | 4,74 Gb Free Space | 8,49% Space Free | Partition Type: NTFS Drive D: | 55,90 Gb Total Space | 48,80 Gb Free Space | 87,30% Space Free | Partition Type: NTFS Drive E: | 232,88 Gb Total Space | 66,04 Gb Free Space | 28,36% Space Free | Partition Type: NTFS Drive F: | 634,76 Gb Total Space | 92,28 Gb Free Space | 14,54% Space Free | Partition Type: NTFS Drive G: | 195,31 Gb Total Space | 28,82 Gb Free Space | 14,76% Space Free | Partition Type: NTFS Drive H: | 48,83 Gb Total Space | 15,11 Gb Free Space | 30,94% Space Free | Partition Type: NTFS Drive I: | 52,61 Gb Total Space | 10,95 Gb Free Space | 20,81% Space Free | Partition Type: NTFS Computer Name: SALON | User Name: franhemapau | Logged in as Administrator. 
Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Documents and Settings\franhemapau\Bureau\OTL.exe (OldTimer Tools) PRC - C:\Program Files\Emsisoft Anti-Malware\a2service.exe (Emsi Software GmbH) PRC - C:\Program Files\cacaoweb\cacaoweb.exe () PRC - C:\WINDOWS\BackupIP\service.exe () PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.) PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software) PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software) PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH) PRC - C:\Program Files\HACE\Mmm\Mmm.exe () PRC - C:\Program Files\NDAS\System\ndassvc.exe (XIMETA, Inc.) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe (Logitech Inc.) PRC - C:\WINDOWS\system32\lxdecoms.exe ( ) PRC - C:\WINDOWS\system32\drivers\CDAC11BA.EXE (Macrovision) PRC - C:\Program Files\sTabLauncher\sTabLauncher.exe (Sergio Santos) PRC - C:\Program Files\Wanadoo\GestionnaireInternet.exe (France Télécom R&D) PRC - C:\Program Files\Wanadoo\ComComp.exe (France Télécom R&D) PRC - C:\Program Files\Wanadoo\Toaster.exe (France Telecom R&D) PRC - C:\Program Files\Wanadoo\Inactivity.exe () PRC - C:\Program Files\Wanadoo\PollingModule.exe () PRC - C:\WINDOWS\system32\AlertModule\AlertModule.exe () PRC - C:\WINDOWS\system32\FTRTSVC.exe (France Telecom) PRC - C:\Program Files\Wanadoo\Watch.exe (France Télécom R&D) PRC - C:\WINDOWS\Dit.exe (ICSI Technology Ltd.) 
PRC - C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation) ========== Modules (SafeList) ========== MOD - C:\Documents and Settings\franhemapau\Bureau\OTL.exe (OldTimer Tools) MOD - C:\Program Files\Emsisoft Anti-Malware\a2hooks32.dll (Emsi Software GmbH) MOD - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll (RealNetworks, Inc.) MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation) MOD - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll (Microsoft Corporation) MOD - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll (Microsoft Corporation) MOD - C:\Program Files\Wanadoo\Inactivity.dll () ========== Win32 Services (SafeList) ========== SRV - (Planificateur LiveUpdate automatique) -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe File not found SRV - (NMIndexingService) -- C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe File not found SRV - (HidServ) -- C:\windows\System32\hidserv.dll File not found SRV - (a2AntiMalware) -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe (Emsi Software GmbH) SRV - (sdmBackupIP) -- C:\WINDOWS\BackupIP\service.exe () SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software) SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software) SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software) SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (LVSrvLauncher) -- C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe (Logitech Inc.) 
SRV - (Boonty Games) -- C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (BOONTY) SRV - (ndassvc) -- C:\Program Files\NDAS\System\ndassvc.exe (XIMETA, Inc.) SRV - (LVPrcSrv) -- C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.) SRV - (LVCOMSer) -- C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe (Logitech Inc.) SRV - (lxde_device) -- C:\windows\System32\lxdecoms.exe ( ) SRV - (lxdeCATSCustConnectService) -- C:\windows\System32\spool\DRIVERS\W32X86\3\\lxdeserv.exe () SRV - (C-DillaCdaC11BA) -- C:\WINDOWS\system32\drivers\CDAC11BA.EXE (Macrovision) SRV - (Symantec Core LC) -- C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe (Symantec Corporation) SRV - (IDriverT) -- C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation) SRV - (FTRTSVC) -- C:\WINDOWS\system32\FTRTSVC.exe (France Telecom) SRV - (InCDsrv) -- C:\Program Files\Ahead\InCD\incdsrv.exe (Ahead Software AG) SRV - (ose) -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation) SRV - (MDM) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (ZDPSp50) -- C:\windows\System32\Drivers\ZDPSp50.sys File not found DRV - (ZDCndis5) -- C:\windows\System32\ZDCndis5.SYS File not found DRV - (rtl8139) Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C) -- C:\windows\System32\DRIVERS\RTL8139.SYS File not found DRV - (PCAMPR5) -- C:\windows\System32\PCAMPR5.SYS File not found DRV - (ddxgb) -- C:\DOCUME~1\FRANHE~1\LOCALS~1\Temp\ddxgb.sys File not found DRV - (CardReaderFilter) -- C:\WINDOWS\system32\drivers\USBCRFT.SYS (ICSI Technology Ltd.) 
DRV - (a2acc) -- C:\Program Files\Emsisoft Anti-Malware\a2accx86.sys (Emsi Software GmbH) DRV - (aswTdi) -- C:\windows\System32\drivers\aswTdi.sys (AVAST Software) DRV - (aswSP) -- C:\windows\System32\drivers\aswSP.sys (AVAST Software) DRV - (aswRdr) -- C:\windows\System32\drivers\aswRdr.sys (AVAST Software) DRV - (aswMon2) -- C:\windows\System32\drivers\aswmon2.sys (AVAST Software) DRV - (aswFsBlk) -- C:\windows\System32\drivers\aswFsBlk.sys (AVAST Software) DRV - (Aavmker4) -- C:\windows\System32\drivers\aavmker4.sys (AVAST Software) DRV - (a2injectiondriver) -- C:\Program Files\Emsisoft Anti-Malware\a2dix86.sys (Emsi Software GmbH) DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH) DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH) DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH) DRV - (avgio) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH) DRV - (a2util) -- C:\Program Files\Emsisoft Anti-Malware\a2util32.sys (Emsi Software GmbH) DRV - (cpuz132) -- C:\WINDOWS\system32\drivers\cpuz132_x32.sys (Windows ® Codename Longhorn DDK provider) DRV - (USBModem) -- C:\WINDOWS\system32\drivers\lgusbmodem.sys (LG Electronics Inc.) DRV - (UsbDiag) -- C:\WINDOWS\system32\drivers\lgusbdiag.sys (LG Electronics Inc.) DRV - (usbbus) -- C:\WINDOWS\system32\drivers\lgusbbus.sys (LG Electronics Inc.) DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.) DRV - (LVUSBSta) -- C:\WINDOWS\system32\drivers\LVUSBSta.sys (Logitech Inc.) DRV - (LVRS) -- C:\WINDOWS\system32\drivers\lvrs.sys (Logitech Inc.) DRV - (PID_PEPI) Logitech QuickCam IM(PID_PEPI) -- C:\WINDOWS\system32\drivers\LV302V32.SYS (Logitech Inc.) DRV - (pepifilter) -- C:\WINDOWS\system32\drivers\lv302af.sys (Logitech Inc.) DRV - (ndasrofs) -- C:\WINDOWS\system32\drivers\ndasrofs.sys (Windows ® Codename Longhorn DDK provider) DRV - (ndasfat) -- C:\WINDOWS\system32\drivers\ndasfat.sys (XIMETA, Inc.) 
DRV - (ndasfs) -- C:\windows\system32\DRIVERS\ndasfs.sys (XIMETA, Inc.) DRV - (lfsfilt) -- C:\windows\system32\DRIVERS\lfsfilt.sys (XIMETA, Inc.) DRV - (ndasscsi) -- C:\WINDOWS\system32\drivers\ndasscsi.sys (XIMETA, Inc.) DRV - (ndasbus) -- C:\WINDOWS\system32\drivers\ndasbus.sys (XIMETA, Inc.) DRV - (lpx) -- C:\windows\system32\DRIVERS\lpx.sys (XIMETA, Inc.) DRV - (usbaudio) Pilote USB audio (WDM) -- C:\WINDOWS\system32\drivers\USBAUDIO.sys (Microsoft Corporation) DRV - (USB_RNDIS) -- C:\WINDOWS\system32\drivers\usb8023.sys (Microsoft Corporation) DRV - (NwlnkIpx) -- C:\WINDOWS\system32\drivers\nwlnkipx.sys (Microsoft Corporation) DRV - (nm) -- C:\WINDOWS\system32\drivers\nmnt.sys (Microsoft Corporation) DRV - (LVcKap) -- C:\WINDOWS\system32\drivers\Lvckap.sys (Logitech Inc.) DRV - (LVMVDrv) -- C:\WINDOWS\system32\drivers\LVMVdrv.sys (Logitech Inc.) DRV - (oreans32) -- C:\WINDOWS\system32\drivers\oreans32.sys () DRV - (CdaC15BA) -- C:\WINDOWS\system32\drivers\CdaC15BA.SYS (Macrovision Europe Ltd) DRV - (StMp3Rec) -- C:\WINDOWS\system32\drivers\StMp3Rec.sys (Generic) DRV - (sfvfs02) StarForce Protection VFS Driver (version 2.x) -- C:\windows\System32\drivers\sfvfs02.sys (Protection Technology (StarForce)) DRV - (symlcbrd) -- C:\WINDOWS\system32\drivers\symlcbrd.sys (Symantec Corporation) DRV - (AX88772) -- C:\WINDOWS\system32\drivers\ax88772.sys (ASIX Electronics Corp.) DRV - (sfsync02) StarForce Protection Synchronization Driver (version 2.x) -- C:\windows\System32\drivers\sfsync02.sys (Protection Technology) DRV - (sfdrv01a) StarForce Protection Environment Driver (version 1.x.a) -- C:\windows\System32\drivers\sfdrv01a.sys (Protection Technology (StarForce)) DRV - (sfhlp02) StarForce Protection Helper Driver (version 2.x) -- C:\windows\System32\drivers\sfhlp02.sys (Protection Technology (StarForce)) DRV - (LVPrcMon) -- C:\WINDOWS\system32\drivers\LVPrcMon.sys () DRV - (PID_08A0) QuickCam IM(PID_08A0) -- C:\WINDOWS\system32\drivers\LV302AV.SYS (Logitech Inc.) 
DRV - (SaiNtBus) -- C:\WINDOWS\system32\drivers\SaiBus.sys (Saitek) DRV - (SaiMini) -- C:\WINDOWS\system32\drivers\SaiMini.sys (Saitek) DRV - (SaiU040B) -- C:\WINDOWS\system32\drivers\SaiU040B.sys (Saitek) DRV - (SaiH040B) -- C:\WINDOWS\system32\drivers\SaiH040B.sys (Saitek) DRV - (SQTECH905C) -- C:\WINDOWS\system32\drivers\Capt905c.sys (Service & Quality Technology.) DRV - (Cap713x) -- C:\WINDOWS\system32\drivers\Cap713x.sys (Philips Semiconductors) DRV - (prohlp02) -- C:\windows\System32\drivers\prohlp02.sys (Protection Technology) DRV - (prodrv06) -- C:\windows\System32\drivers\prodrv06.sys (Protection Technology) DRV - (prosync1) -- C:\windows\System32\drivers\prosync1.sys (Protection Technology) DRV - (InCDPass) -- C:\WINDOWS\system32\drivers\incdpass.sys (Ahead Software AG) DRV - (InCDfs) -- C:\windows\System32\drivers\incdfs.sys (Ahead Software AG) DRV - (sfhlp01) -- C:\windows\System32\drivers\sfhlp01.sys (Protection Technology) DRV - (alcan5wn) SpeedTouch USB ADSL PPP Networking Driver (NDISWAN) -- C:\WINDOWS\system32\drivers\alcan5wn.sys (THOMSON) DRV - (alcaudsl) -- C:\WINDOWS\system32\drivers\alcaudsl.sys (THOMSON) DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.) DRV - (ALCXSENS) -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS (Sensaura Ltd) DRV - (RTL8023) -- C:\WINDOWS\system32\drivers\Rtlnic51.sys (Realtek Semiconductor Corporation ) DRV - (PCANDIS5) -- C:\WINDOWS\system32\PCANDIS5.SYS (Printing Communications Assoc., Inc. 
(PCAUSA)) DRV - (NwlnkNb) -- C:\WINDOWS\system32\drivers\nwlnknb.sys (Microsoft Corporation) DRV - (NwlnkSpx) -- C:\WINDOWS\system32\drivers\nwlnkspx.sys (Microsoft Corporation) DRV - (ASPI32) -- C:\WINDOWS\system32\drivers\aspi32.sys (Adaptec) DRV - (HIDSwvd) -- C:\WINDOWS\system32\drivers\HIDSwvd.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1935655697-484061587-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Google Toolbar IE - HKU\S-1-5-21-1935655697-484061587-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Google IE - HKU\S-1-5-21-1935655697-484061587-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google IE - HKU\S-1-5-21-1935655697-484061587-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = Google Toolbar IE - HKU\S-1-5-21-1935655697-484061587-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Google Toolbar IE - HKU\S-1-5-21-1935655697-484061587-839522115-1003\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Wanadoo\SearchPageURL.dll () IE - HKU\S-1-5-21-1935655697-484061587-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..extensions.enabledItems: cacaoweb@cacaoweb.org:1.0.8 FF - prefs.js..extensions.enabledItems: firefox@ghostery.com:2.4.2 FF - prefs.js..extensions.enabledItems: {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}:4.0 FF - 
prefs.js..extensions.enabledItems: youtube2mp3@mondayx.de:1.0.7 FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1 FF - prefs.js..extensions.enabledItems: collector@broceliand.fr:5.2.4 FF - prefs.js..extensions.enabledItems: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.52 FF - HKLM\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files\MyWebSearch\bar\3.bin File not found FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/12/08 07:12:30 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/13 06:42:56 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/11 20:23:17 | 000,000,000 | ---D | M] [2009/12/05 14:07:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\franhemapau\Application Data\Mozilla\Extensions [2011/01/11 20:11:51 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\franhemapau\Application Data\Mozilla\Firefox\Profiles\f2er97tf.default\extensions [2010/07/22 13:36:37 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\franhemapau\Application Data\Mozilla\Firefox\Profiles\f2er97tf.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010/12/12 18:38:32 | 000,000,000 | ---D | M] (Easy Youtube Video Downloader) -- C:\Documents and Settings\franhemapau\Application Data\Mozilla\Firefox\Profiles\f2er97tf.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b} [2011/01/11 20:11:46 | 000,000,000 | ---D | M] ("BitDefender QuickScan") -- C:\Documents and Settings\franhemapau\Application Data\Mozilla\Firefox\Profiles\f2er97tf.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360} 
[2010/09/24 18:14:29 | 000,000,000 | ---D | M] (cacaoweb) -- C:\Documents and Settings\franhemapau\Application Data\Mozilla\Firefox\Profiles\f2er97tf.default\extensions\cacaoweb@cacaoweb.org [2011/01/04 17:58:53 | 000,000,000 | ---D | M] ("pearltrees") -- C:\Documents and Settings\franhemapau\Application Data\Mozilla\Firefox\Profiles\f2er97tf.default\extensions\collector@broceliand.fr [2010/11/21 05:22:12 | 000,000,000 | ---D | M] (Ghostery) -- C:\Documents and Settings\franhemapau\Application Data\Mozilla\Firefox\Profiles\f2er97tf.default\extensions\firefox@ghostery.com [2010/11/07 09:52:48 | 000,000,000 | ---D | M] (YouTube to MP3) -- C:\Documents and Settings\franhemapau\Application Data\Mozilla\Firefox\Profiles\f2er97tf.default\extensions\youtube2mp3@mondayx.de [2009/12/05 14:06:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2010/12/08 07:12:30 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT [2007/03/10 00:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) 
-- C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll [2010/12/11 20:23:08 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml [2010/12/11 20:23:08 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml [2010/12/11 20:23:08 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml [2010/12/11 20:23:08 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml [2010/12/11 20:23:08 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml O1 HOSTS File: ([2009/10/25 23:51:56 | 000,347,207 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 11904 more lines... 
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found. O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found. O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found. O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found. O3 - HKU\S-1-5-21-1935655697-484061587-839522115-1003\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found. O3 - HKU\S-1-5-21-1935655697-484061587-839522115-1003\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found. O3 - HKU\S-1-5-21-1935655697-484061587-839522115-1003\..\Toolbar\WebBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found. 
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [a-squared] C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2guard.exe (Emsi Software GmbH) O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.) O4 - HKU\.DEFAULT..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe File not found O4 - HKU\.DEFAULT..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe File not found O4 - HKU\S-1-5-18..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe File not found O4 - HKU\S-1-5-18..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe File not found O4 - HKU\S-1-5-21-1935655697-484061587-839522115-1003..\Run: [cacaoweb] C:\Program Files\cacaoweb\cacaoweb.exe () O4 - HKU\S-1-5-21-1935655697-484061587-839522115-1003..\Run: [Mmm] C:\Program Files\HACE\Mmm\Mmm.exe () O4 - HKU\S-1-5-21-1935655697-484061587-839522115-1003..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) 
O4 - HKU\S-1-5-21-1935655697-484061587-839522115-1003..\Run: [sTabLauncher] C:\Program Files\sTabLauncher\sTabLauncher.exe (Sergio Santos) O4 - HKU\S-1-5-21-1935655697-484061587-839522115-1003..\Run: [WOOKIT] C:\Program Files\Wanadoo\Shell.exe () O4 - HKU\.DEFAULT..\RunOnce: [WUAppSetup] C:\Program Files\Fichiers communs\logishrd\WUApp32.exe () O4 - HKU\S-1-5-18..\RunOnce: [WUAppSetup] C:\Program Files\Fichiers communs\logishrd\WUApp32.exe () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1935655697-484061587-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - 
HKU\S-1-5-21-1935655697-484061587-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKU\S-1-5-21-1935655697-484061587-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\windows\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Ouvrir le cadre dans une nouvelle fenêtre - C:\WINDOWS\Web\OpenFrame.htm () O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/3/9/8/398422c0-8d3e-40e1-a617-af65a72a0465/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool) O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support) O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} http://picasaweb.google.com/s/v/25.20/uploader2.cab (UploadListView Class) O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} http://www.mypix.com/fr/fr/fw_model/domain/library/aurigma/ImageUploader5.cab (Image Uploader Control) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1155907452812 (MUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab (Reg Error: Key error.) 
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553542500} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.) O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} http://www.mypix.fr/fr/fr/importer/ImageUploader4.cab (Image Uploader Control) O16 - DPF: Microsoft XML Parser for Java file:///C:/WINDOWS/Java/classes/xmldso.cab (Reg Error: Key error.) 
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe 
(Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\windows\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Ma page d'accueil) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\franhemapau\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\franhemapau\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O30 - LSA: Authentication Packages - (nwprovau) - C:\windows\System32\nwprovau.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{af2dc4f2-ad0f-11df-b44b-0040ca8013fe}\Shell\AutoRun\command - "" = WD_Windows_Tools\Setup.exe O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\DmailerSync_v9_0_15109.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: HidServ - C:\windows\System32\hidserv.dll File not found NetSvcs: Ias - File not found NetSvcs: Iprip - C:\windows\System32\iprip.dll (Microsoft Corporation) NetSvcs: Irmon - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found MsConfig - Services: "RichVideo" MsConfig - Services: "InCDsrv" MsConfig - Services: "Boonty Games" MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk - C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE - File not found MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk - C:\PROGRA~1\Logitech\DESKTO~1\8876480\Program\LOGITE~1.EXE - File not found MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^NDAS Device Management.lnk - C:\Program Files\NDAS\System\ndasmgmt.exe 
- (XIMETA, Inc.) MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^sTabLauncher.lnk - C:\WINDOWS\Installer\{462E5968-A02C-4C0A-9F74-1C4DA758CD80}\_424294B8CE29243E7198A4.exe - () MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^WinKey.lnk - C:\Program Files\WinKey\WinKey.exe - () MsConfig - StartUpReg: Aim6 - hkey= - key= - C:\Program Files\AIM6\aim6.exe File not found MsConfig - StartUpReg: ATIPTA - hkey= - key= - C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe (ATI Technologies, Inc.) MsConfig - StartUpReg: avgnt - hkey= - key= - C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe File not found MsConfig - StartUpReg: ccleaner - hkey= - key= - C:\Program Files\CCleaner\ccleaner.exe (Piriform Ltd) MsConfig - StartUpReg: Easy TM Forever - hkey= - key= - C:\Program Files\Easy TM Forever\EasyTM.exe (NazguL) MsConfig - StartUpReg: FaxCenterServer - hkey= - key= - C:\Program Files\Lexmark Fax Solutions\fm3032.exe File not found MsConfig - StartUpReg: InCD - hkey= - key= - C:\Program Files\Ahead\InCD\InCD.exe (Ahead Software AG) MsConfig - StartUpReg: LDM - hkey= - key= - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe File not found MsConfig - StartUpReg: LogitechCommunicationsManager - hkey= - key= - C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe () MsConfig - StartUpReg: LogitechQuickCamRibbon - hkey= - key= - C:\Program Files\Logitech\QuickCam\Quickcam.exe () MsConfig - StartUpReg: lxdeamon - hkey= - key= - C:\Program Files\Lexmark 4800 Series\lxdeamon.exe () MsConfig - StartUpReg: lxdemon.exe - hkey= - key= - C:\Program Files\Lexmark 4800 Series\lxdemon.exe () MsConfig - StartUpReg: MigrationAnalyzer - hkey= - key= - C:\Program Files\FT_Migration\MigrationAnalyzer\MigrationAnalyzer.exe (France Telecom SA) MsConfig - StartUpReg: MyWebSearch Email Plugin - hkey= - key= - 
() -- C:\Documents and Settings\franhemapau\Mes documents\47811937.jpg [2011/01/09 21:18:23 | 000,040,052 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\boite-encens.jpg [2011/01/09 17:39:23 | 000,104,261 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\photo-ptf8s5.jpg [2011/01/09 14:53:49 | 000,058,629 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\ecran-de-fumee.jpg [2011/01/09 12:37:53 | 000,000,000 | ---- | C] () -- C:\windows\System32\ativvaxx.cap [2011/01/09 12:37:52 | 000,000,000 | ---- | C] () -- C:\windows\System32\atiicdxx.dat [2011/01/09 12:21:36 | 000,069,026 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\cc_20110109_122134.reg [2011/01/09 12:04:02 | 000,054,156 | -H-- | C] () -- C:\windows\QTFont.qfn [2011/01/09 12:04:02 | 000,001,409 | ---- | C] () -- C:\windows\QTFont.for [2011/01/09 09:46:52 | 000,029,540 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\cc_20110109_094650.reg [2011/01/09 09:26:31 | 000,001,746 | ---- | C] () -- C:\Documents and Settings\franhemapau\Bureau\HijackThis.lnk [2011/01/09 09:05:26 | 000,000,796 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk [2011/01/08 19:13:07 | 000,353,856 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\cc_20110108_191305.reg [2011/01/08 19:02:12 | 000,214,497 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\encens3.jpg [2011/01/08 19:00:53 | 000,148,533 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\encen2.jpg [2011/01/08 18:57:19 | 000,138,816 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\4444901025_96eabd485a_b.jpg [2011/01/08 18:55:10 | 001,861,022 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\5065448377_68cbc7ebd1_o.jpg [2011/01/08 09:52:34 | 007,966,666 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\acces1.PDF 
[2011/01/08 09:50:11 | 000,056,746 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\MailDu07012011.pdf [2011/01/07 22:57:00 | 003,458,560 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\Zizanie.pps [2011/01/06 20:39:04 | 000,056,128 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\BZH_Flag.gif [2011/01/06 20:38:53 | 000,020,335 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\drapeau_breton_m.jpg [2011/01/06 20:38:46 | 000,042,192 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\carte-finist%E8re.jpg [2011/01/06 20:38:38 | 000,015,133 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\bzh.jpg [2011/01/06 20:28:07 | 000,017,533 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\capitainehadock.jpg [2011/01/05 23:53:41 | 000,160,339 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\tshirtzebikesio.jpg [2011/01/05 22:37:21 | 000,741,339 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\initiation-1024-72dpi.jpg [2011/01/05 22:36:08 | 000,763,528 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\lumieres.jpg [2011/01/04 22:01:50 | 000,234,725 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\guideencens.jpg [2011/01/04 21:57:55 | 000,270,324 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\600_____DSCN1255_662.jpg [2011/01/04 19:21:29 | 002,123,902 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\welcometodirt2.bmp [2011/01/04 19:21:17 | 001,497,078 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\welcometodirt.bmp [2011/01/02 22:19:21 | 000,626,176 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\Encens.doc [2011/01/02 21:40:52 | 000,029,249 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\encens-nag-champa-15_1.png [2011/01/02 21:39:16 | 
000,027,881 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\encens-frankincense.png [2011/01/02 21:38:24 | 000,026,266 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\encens-auroville-oliban.png [2011/01/02 21:37:23 | 000,034,624 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\encens-aromatherapie-oliban_1.png [2011/01/02 21:37:16 | 000,024,548 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\encens-aromatherapie-frankincense.png [2011/01/02 21:36:44 | 000,025,745 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\encens-indien-myrrhe.png [2011/01/02 21:36:33 | 000,025,984 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\encens-indien-vetiver.png [2011/01/02 21:36:21 | 000,035,656 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\resine-rois-mages.png [2011/01/02 21:36:07 | 000,037,026 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\resine-oliban-somalie.png [2011/01/02 21:36:01 | 000,026,263 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\encens-indien-oliban.png [2011/01/02 21:35:56 | 000,047,111 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\encens-oliban-cones.png [2011/01/02 21:35:28 | 000,025,100 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\encens-feng-shui-feu.png [2011/01/02 21:34:24 | 000,033,452 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\encens-tibetain-oliban.png [2011/01/02 21:33:46 | 000,039,387 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\resine-naturelle-rois-mages.png [2011/01/02 21:33:27 | 000,024,718 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\encens-indien-oliban_1.png [2011/01/02 21:33:15 | 000,035,207 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\resine-naturelle-frankincense.png [2011/01/02 21:33:09 | 
000,025,145 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\encens-indien-frankincense.png [2011/01/02 21:33:01 | 000,041,448 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\encens-indien-frankincense_1.png [2011/01/01 15:55:41 | 000,012,288 | ---- | C] () -- C:\windows\impborl.dll [2010/12/31 12:03:13 | 000,047,776 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\CLASSIQUE.XLS [2010/12/30 12:25:11 | 000,210,498 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\big one breizh.bmp [2010/12/29 21:29:21 | 000,011,264 | ---- | C] () -- C:\windows\System32\Utils.dll [2010/12/28 17:25:41 | 000,050,230 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\sio.bmp [2010/12/28 16:45:11 | 000,000,218 | ---- | C] () -- C:\Documents and Settings\franhemapau\.recently-used.xbel [2010/12/28 16:44:36 | 000,001,576 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\coverJuke.lnk [2010/12/28 14:21:05 | 000,000,812 | ---- | C] () -- C:\Documents and Settings\franhemapau\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk [2010/12/28 09:34:04 | 000,132,638 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\cc_20101228_093402.reg [2010/12/27 22:17:00 | 001,546,451 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\49858-Raffaele-De-Rosa-15.wmv [2010/12/21 23:59:49 | 000,037,879 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\drapeau breton.jpg [2010/12/21 23:59:43 | 000,032,762 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\chapeau-breton.jpg [2010/12/21 23:55:11 | 000,016,309 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\emotions_colere_clr.jpg [2010/12/21 23:55:05 | 000,040,545 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\dyn005_original_376_400_pjpeg_2534793_82dc486e8a780b11145d2bcbfd5ded6e.jpg [2010/12/14 
22:49:30 | 000,029,821 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\CD Spindle Earring Holder.jpg [2010/12/13 22:01:09 | 000,281,922 | ---- | C] () -- C:\Documents and Settings\franhemapau\Mes documents\cc_20101213_220107.reg [2010/06/06 10:14:23 | 000,038,492 | ---- | C] () -- C:\Documents and Settings\franhemapau\Application Data\Microsoft Excel.ADR [2010/04/13 12:26:43 | 000,000,273 | ---- | C] () -- C:\windows\Dit.INI [2010/01/01 21:34:43 | 000,000,094 | -H-- | C] () -- C:\windows\System32\spv1_WCssg.ini [2009/12/19 10:35:44 | 000,000,179 | ---- | C] () -- C:\Documents and Settings\franhemapau\Application Data\setup.log [2009/12/19 10:35:39 | 000,000,760 | ---- | C] () -- C:\Documents and Settings\franhemapau\Application Data\setup_ldm.iss [2009/11/14 21:03:35 | 000,000,030 | ---- | C] () -- C:\windows\System32\drivers\Rev98HDD.ini [2009/10/31 07:53:14 | 000,000,000 | ---- | C] () -- C:\windows\Pool.INI [2009/10/27 17:48:28 | 000,000,703 | ---- | C] () -- C:\windows\wininit.ini [2009/09/19 20:02:15 | 000,000,038 | ---- | C] () -- C:\windows\AviSplitter.INI [2009/08/16 11:13:06 | 000,000,152 | ---- | C] () -- C:\windows\isp.ini [2009/08/16 11:12:15 | 000,000,155 | ---- | C] () -- C:\windows\QTW.INI [2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\windows\System32\OGACheckControl.dll [2009/03/21 20:20:11 | 000,007,207 | R--- | C] () -- C:\windows\Disktool.INI [2009/03/21 20:20:11 | 000,006,399 | R--- | C] () -- C:\windows\fwupgrade.ini [2009/03/21 20:20:11 | 000,003,677 | R--- | C] () -- C:\windows\PlaySnd.INI [2009/02/27 21:06:44 | 000,000,101 | ---- | C] () -- C:\windows\VSWizard.ini [2009/02/08 12:28:45 | 000,012,288 | ---- | C] () -- C:\windows\System32\LXF3PMRC.DLL [2009/02/08 12:25:37 | 000,000,060 | -H-- | C] () -- C:\windows\System32\lxderwrd.ini [2009/02/08 12:25:32 | 000,348,160 | ---- | C] () -- C:\windows\System32\lxdeinst.dll [2009/02/08 12:23:34 | 000,348,160 | R--- | C] () -- C:\windows\System32\lxdecoin.dll 
[2008/12/19 15:15:58 | 004,338,246 | ---- | C] () -- C:\windows\System32\libavcodec.dll [2008/12/17 17:41:18 | 000,884,237 | ---- | C] () -- C:\windows\System32\ff_x264.dll [2008/12/17 17:22:58 | 000,093,184 | ---- | C] () -- C:\windows\System32\ff_wmv9.dll [2008/12/17 17:22:48 | 000,057,344 | ---- | C] () -- C:\windows\System32\ff_vfw.dll [2008/12/17 17:17:34 | 000,239,247 | ---- | C] () -- C:\windows\System32\ff_theora.dll [2008/12/17 16:59:54 | 000,560,802 | ---- | C] () -- C:\windows\System32\libmplayer.dll [2008/10/01 17:22:10 | 000,000,368 | ---- | C] () -- C:\windows\hegames.ini [2008/08/10 14:02:10 | 000,000,058 | ---- | C] () -- C:\windows\DeskToppers.ini [2008/08/10 13:48:35 | 000,000,018 | ---- | C] () -- C:\windows\gfact.ini [2008/07/24 21:59:20 | 000,043,520 | ---- | C] () -- C:\windows\System32\CmdLineExt03.dll [2008/07/18 09:06:02 | 000,000,040 | ---- | C] () -- C:\windows\Epscan2.INI [2008/07/11 17:40:00 | 000,000,085 | ---- | C] () -- C:\windows\fdmc.ini [2008/02/09 12:54:53 | 000,027,228 | ---- | C] () -- C:\Documents and Settings\franhemapau\Application Data\Carnet d'adresses personnel.ADR [2008/01/04 16:29:36 | 000,000,008 | ---- | C] () -- C:\Program Files\rdt.dat [2008/01/04 16:29:36 | 000,000,008 | ---- | C] () -- C:\Program Files\Fichiers communs\rdt.dat [2007/10/24 20:56:32 | 000,116,224 | ---- | C] () -- C:\windows\System32\pdfcmnnt.dll [2007/10/11 18:59:24 | 000,025,624 | ---- | C] () -- C:\windows\System32\drivers\LVPr2Mon.sys [2007/08/10 17:59:48 | 000,000,130 | ---- | C] () -- C:\windows\ka.ini [2007/05/30 16:25:20 | 000,000,000 | ---- | C] () -- C:\windows\SETUP32.INI [2007/05/28 11:54:44 | 000,208,896 | ---- | C] () -- C:\windows\System32\lxdegrd.dll [2007/05/24 21:24:25 | 000,692,224 | ---- | C] () -- C:\windows\System32\lxdedrs.dll [2007/05/22 15:09:42 | 000,065,536 | ---- | C] () -- C:\windows\System32\lxdecaps.dll [2007/05/15 19:47:00 | 000,001,689 | ---- | C] () -- C:\windows\mp3-explorer.ini [2007/04/28 20:32:59 | 003,596,288 | 
---- | C] () -- C:\windows\System32\qt-dx331.dll [2007/04/17 15:17:05 | 000,069,632 | ---- | C] () -- C:\windows\System32\lxdecnv4.dll [2007/04/07 08:10:29 | 000,033,920 | ---- | C] () -- C:\windows\System32\drivers\oreans32.sys [2007/04/07 08:08:49 | 000,765,952 | ---- | C] () -- C:\windows\System32\xvidcore.dll [2007/04/07 08:08:49 | 000,180,224 | ---- | C] () -- C:\windows\System32\xvidvfw.dll [2007/04/07 06:24:43 | 000,027,648 | ---- | C] () -- C:\windows\System32\AVSredirect.dll [2007/04/07 06:24:42 | 000,471,552 | ---- | C] () -- C:\windows\System32\Smab.dll [2007/03/02 00:19:47 | 000,000,119 | ---- | C] () -- C:\windows\SIERRA.INI [2006/12/27 22:19:18 | 000,066,482 | ---- | C] () -- C:\windows\System32\lvcoinst.ini [2006/12/27 22:08:47 | 000,000,719 | R--- | C] () -- C:\windows\System32\InstExec.ini [2006/12/26 05:59:40 | 000,001,208 | ---- | C] () -- C:\windows\Radio_Fr.ini [2006/12/16 17:56:28 | 000,013,146 | -HS- | C] () -- C:\windows\System32\KGyGaAvL.sys [2006/12/16 17:52:31 | 000,000,056 | RHS- | C] () -- C:\windows\System32\E74B5DB51B.sys [2006/12/16 17:34:32 | 000,000,055 | ---- | C] () -- C:\Documents and Settings\franhemapau\Application Data\pcouffin.log [2006/12/16 17:34:23 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\franhemapau\Application Data\ezpinst.exe [2006/12/16 17:34:23 | 000,007,824 | ---- | C] () -- C:\Documents and Settings\franhemapau\Application Data\pcouffin.cat [2006/12/16 17:34:23 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\franhemapau\Application Data\pcouffin.inf [2006/08/01 06:53:18 | 000,040,960 | ---- | C] () -- C:\windows\System32\lxdevs.dll [2006/07/07 20:15:41 | 000,114,688 | ---- | C] () -- C:\windows\System32\WLANUTL.dll [2005/12/10 11:48:48 | 000,000,253 | ---- | C] () -- C:\windows\WSHORTEN.INI [2005/12/09 15:37:42 | 000,016,768 | ---- | C] () -- C:\windows\System32\drivers\LVPrcMon.sys [2005/11/12 18:44:57 | 000,056,832 | ---- | C] () -- C:\windows\System32\Iyvu9_32.dll [2005/11/05 12:31:53 
| 000,000,132 | ---- | C] () -- C:\windows\winamp.ini [2005/10/01 12:47:02 | 000,000,061 | ---- | C] () -- C:\windows\HFREP.INI [2005/10/01 12:46:59 | 000,000,000 | ---- | C] () -- C:\windows\WD.INI [2005/09/09 14:25:27 | 000,000,527 | ---- | C] () -- C:\Program Files\Raccourci vers codec_video.lnk [2005/07/29 19:25:01 | 000,000,158 | ---- | C] () -- C:\windows\CDPLAYER.INI [2005/05/14 15:46:05 | 000,210,944 | ---- | C] () -- C:\windows\System32\MSVCRT10.DLL [2005/05/01 18:19:16 | 000,000,157 | ---- | C] () -- C:\windows\kodakpcd.franhemapau.ini [2005/04/03 11:06:53 | 000,000,035 | ---- | C] () -- C:\windows\A6W.INI [2005/02/18 16:20:07 | 000,000,000 | ---- | C] () -- C:\windows\LiveBilliards.INI [2005/02/18 15:42:35 | 000,000,301 | ---- | C] () -- C:\windows\NAVIGMA.INI [2004/12/05 10:48:45 | 000,021,840 | ---- | C] () -- C:\windows\System32\SIntfNT.dll [2004/12/05 10:48:45 | 000,017,212 | ---- | C] () -- C:\windows\System32\SIntf32.dll [2004/12/05 10:48:45 | 000,012,067 | ---- | C] () -- C:\windows\System32\SIntf16.dll [2004/11/26 21:51:50 | 000,000,132 | ---- | C] () -- C:\windows\picture-shark.INI [2004/11/11 17:58:25 | 000,184,320 | ---- | C] () -- C:\Documents and Settings\franhemapau\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2004/11/11 16:54:08 | 000,000,202 | ---- | C] () -- C:\windows\NeroDigital.ini [2004/11/11 16:51:55 | 000,000,204 | ---- | C] () -- C:\windows\RtlRack.ini [2004/11/11 16:46:10 | 000,000,164 | ---- | C] () -- C:\windows\avrack.ini [2004/11/11 15:15:50 | 000,005,607 | ---- | C] () -- C:\windows\System32\stci.dll [2004/11/11 15:15:03 | 000,000,000 | ---- | C] () -- C:\windows\System32\rnaph.dll [2004/11/11 14:59:41 | 000,363,520 | ---- | C] () -- C:\windows\System32\psisdecd.dll [2004/11/11 14:54:54 | 000,000,000 | ---- | C] () -- C:\windows\OpPrintServer.INI [2004/11/11 14:22:05 | 000,000,385 | ---- | C] () -- C:\windows\ODBC.INI [2004/11/11 13:55:20 | 000,004,207 | ---- | C] () -- C:\windows\ODBCINST.INI 
[2004/10/03 17:50:54 | 000,129,024 | ---- | C] () -- C:\windows\System32\ff_mpeg2enc.dll [2003/04/01 10:58:02 | 000,005,260 | ---- | C] () -- C:\windows\System32\OUTLPERF.INI [1999/01/27 13:39:06 | 000,065,024 | ---- | C] () -- C:\windows\System32\indounin.dll ========== LOP Check ========== [2009/04/25 18:36:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AlbumCollection [2010/05/15 08:54:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software [2009/09/06 14:51:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus [2010/01/01 10:12:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GameBlend [2010/04/11 15:52:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LxThumbs [2010/11/25 23:20:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MediaMan [2004/11/28 10:36:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir [2010/10/09 18:00:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\n7-89-o9-3r-4t-r9 [2009/12/15 08:29:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games [2010/11/25 23:22:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SlimSUF [2011/01/10 18:15:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP [2010/01/03 11:46:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TmForever [2010/12/13 23:14:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TrackMania [2006/12/15 21:53:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VadeRetro [2009/12/15 21:49:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application 
Data\Viewpoint [2008/01/20 13:19:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Watermark Factory [2005/12/19 21:32:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WhiteCap (Holiday Edition) [2008/05/27 19:13:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\1&1 [2006/08/12 13:16:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\ActiveState [2009/05/31 08:24:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\avidemux [2011/01/04 19:12:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\Azureus [2011/01/11 07:12:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\cacaoweb [2009/08/23 08:28:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\COWON [2009/01/11 16:37:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\Crae Interactives [2010/11/26 14:59:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\Filmotech_prefs [2011/01/09 09:40:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\FMZilla [2010/04/25 11:50:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\FreeAudioPack [2008/01/04 16:00:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\Gaijin Ent [2010/01/01 10:12:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\GameBlend [2010/10/11 18:10:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\GameHouse [2009/12/02 21:28:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\GARMIN [2010/10/13 18:16:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\GetRightToGo 
[2009/09/13 14:17:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\GoodSync [2010/12/28 16:45:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\gtk-2.0 [2010/12/28 12:58:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\Incredible Ink [2008/11/25 07:32:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\Leadertech [2009/02/15 08:20:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\Lexmark Productivity Studio [2010/04/28 18:31:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\LG Electronics [2010/11/25 23:24:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\MediaMan [2010/10/29 16:11:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\moovida-1 [2009/02/21 16:18:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\OnlineStorage [2011/01/11 21:17:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\QuickScan [2010/08/15 08:14:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\RayV [2008/08/17 10:11:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\Skinux [2009/03/28 16:04:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\TeamViewer [2010/05/02 16:36:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\Uniblue [2009/04/05 11:40:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\uTorrent [2010/12/28 22:10:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\widestream [2010/01/01 19:18:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\Wildfire [2008/10/03 20:53:10 | 
000,000,000 | ---D | M] -- C:\Documents and Settings\franhemapau\Application Data\XnView ========== Purity Check ========== ========== Custom Scans ========== < %systemroot%\system32\drivers\*.sys /lockedfiles > < %ALLUSERSPROFILE%\Application Data\*. > [2010/10/12 06:13:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe [2009/09/03 23:08:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ahead [2009/04/25 18:36:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AlbumCollection [2010/05/15 08:54:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software [2010/05/16 06:38:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AOL [2009/12/15 21:48:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AOL Downloads [2009/12/15 21:50:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AOL OCP [2011/01/09 12:33:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ATI [2011/01/11 22:20:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avira [2009/09/06 14:51:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus [2009/02/21 18:28:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CyberLink [2010/09/24 20:30:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DivX [2009/04/12 17:13:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DVD Shrink [2009/02/06 18:24:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FaxCtr [2010/01/01 10:12:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GameBlend [2009/08/04 10:38:22 | 000,000,000 | ---D | M] -- C:\Documents and 
Settings\All Users\Application Data\Google [2009/12/19 10:31:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogiShrd [2009/12/19 10:31:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Logitech [2010/04/11 15:52:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LxThumbs [2011/01/09 09:05:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes [2010/11/25 23:20:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MediaMan [2010/06/13 12:12:44 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft [2004/11/28 10:36:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir [2010/10/09 18:00:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\n7-89-o9-3r-4t-r9 [2010/06/24 19:24:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NOS [2009/10/09 06:38:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage [2011/01/10 18:14:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Tools [2005/03/10 17:35:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\QuickTime [2010/04/19 23:05:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Real [2009/12/15 08:29:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games [2010/11/25 23:22:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SlimSUF [2011/01/10 19:03:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy [2011/01/10 18:15:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP 
[2010/01/03 11:46:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TmForever [2010/12/13 23:14:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TrackMania [2006/12/15 21:53:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VadeRetro [2009/12/15 21:49:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint [2008/01/20 13:19:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Watermark Factory [2005/12/19 21:32:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WhiteCap (Holiday Edition) [2006/08/06 15:16:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage [2006/12/15 15:28:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Yahoo! < %ALLUSERSPROFILE%\Application Data\*.exe /s > [2009/12/15 21:47:35 | 001,273,224 | ---- | M] (AOL) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_fr\6.1.31.1\AIMinst.exe [2009/12/15 21:47:20 | 000,481,016 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_fr\6.1.31.1\AIMLang.exe [2009/12/15 21:47:45 | 000,492,032 | ---- | M] (AOL) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_fr\6.1.31.1\aimlang_fr.exe [2009/12/15 21:47:51 | 000,141,944 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_fr\6.1.31.1\alsetup.exe [2009/12/15 21:47:08 | 000,120,368 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_fr\6.1.31.1\aoldlmgr.exe [2009/12/15 21:47:12 | 000,228,704 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_fr\6.1.31.1\migrator.exe [2009/12/15 21:48:42 | 005,357,344 | ---- | M] (AOL) -- C:\Documents 
and Settings\All Users\Application Data\AOL Downloads\triton_fr\6.1.31.1\ocpinst.exe [2009/12/15 21:48:48 | 000,035,888 | ---- | M] (AOL LLC.) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_fr\6.1.31.1\postproc.exe [2009/12/15 21:47:16 | 000,169,520 | ---- | M] (AOL LLC.) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_fr\6.1.31.1\setup.exe [2009/12/15 21:48:46 | 000,357,776 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_fr\6.1.31.1\tbsetup.exe [2009/12/15 21:48:16 | 000,376,568 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_fr\6.1.31.1\unagi3.exe [2009/12/15 21:48:10 | 003,858,056 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_fr\6.1.31.1\Vwpt.exe [2010/09/24 20:33:19 | 000,144,696 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\DivX\RunAsUser\RUNASUSERPROCESS.exe [2011/01/10 18:15:18 | 065,317,024 | ---- | M] (PC Tools ) -- C:\Documents and Settings\All Users\Application Data\PC Tools\DownloadManager\Spyware Doctor8.0\sdsetup_dl.exe < %APPDATA%\*. 
and the second report, EXTRAS.TXT:
OTL Extras logfile created on: 11/01/2011 22:42:34 - Run 1
OTL by OldTimer - Version 3.2.20.1
"C:\Program Files\eMule\emule.exe" = C:\Program Files\eMule\emule.exe:*:Enabled:eMule -- File not found "C:\Program Files\Lexmark 4800 Series\frun.exe" = C:\Program Files\Lexmark 4800 Series\frun.exe:*:Enabled:Printing Application -- () "C:\Program Files\Truck_Racing_By_Renault_Trucks\Bin\RTR.exe" = C:\Program Files\Truck_Racing_By_Renault_Trucks\Bin\RTR.exe:*:Enabled:Truck Racing by Renault Trucks -- File not found "C:\Program Files\Fichiers communs\AOL\Loader\aolload.exe" = C:\Program Files\Fichiers communs\AOL\Loader\aolload.exe:*:Enabled:AOL Loader -- File not found "C:\Program Files\AIM6\aim6.exe" = C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM -- File not found "C:\Program Files\GameHouse Games Collection\Wheel of Fortune\Wheel of Fortune.exe" = C:\Program Files\GameHouse Games Collection\Wheel of Fortune\Wheel of Fortune.exe:*:Disabled:Wheel of Fortune -- File not found "C:\Program Files\Real\RealPlayer\realplay.exe" = C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer -- (RealNetworks, Inc.) 
"C:\Program Files\RayV\RayV\RayV.exe" = C:\Program Files\RayV\RayV\RayV.exe:*:Enabled:RayV -- File not found "C:\Program Files\RayV\RayV\RayV.dll" = C:\Program Files\RayV\RayV\RayV.dll:*:Enabled:RayV -- File not found "C:\Program Files\cacaoweb\cacaoweb.exe" = C:\Program Files\cacaoweb\cacaoweb.exe:*:Enabled:cacaoweb -- () "C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation) "C:\Program Files\SopCast\SopCast.exe" = C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application -- (www.sopcast.com) "C:\Program Files\SopCast\adv\SopAdver.exe" = C:\Program Files\SopCast\adv\SopAdver.exe:*:Disabled:SopCast Adver -- (www.sopcast.com) "C:\Program Files\Spotify\spotify.exe" = C:\Program Files\Spotify\spotify.exe:*:Enabled:Spotify -- File not found ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{022C4B5F-4A59-48DD-08A6-6EC5832DBFFE}" = Catalyst Control Center Localization Chinese Standard "{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center "{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel "{0DD140D3-9563-481E-AA75-BA457CBDAEF2}" = PC Inspector File Recovery "{1148CE6F-6956-6ED3-1DBF-0A0046427A3E}" = CCC Help Swedish "{1350E13C-A031-6574-961B-367DE4721E86}" = Catalyst Control Center Graphics Light "{14A776EF-3904-3C55-508F-BB093954391E}" = Catalyst Control Center Localization Dutch "{172423F9-522A-483A-AD65-03600CE4CA4F}" = Microsoft Works 6-9 Converter "{17342E3B-0818-4A6F-BFF8-99476605ADD6}" = Livebox "{19762EA5-8279-8FA8-5F16-7DEEF571E5D6}" = CCC Help Russian "{1A90FD8B-8A64-8B83-D486-E507AEC997EF}" = Catalyst Control Center Graphics Full Existing "{1D4C0096-98D0-5290-A5F7-AAA05121FA0A}" = CCC Help Danish "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 
"{2205B8AE-490E-43F2-AB43-C13C2BEC86A7}" = DDS Thumbnail Viewer "{23F79416-CAD1-41BF-99A3-040F6C814AAA}" = NVIDIA Photoshop Plug-ins "{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java 6 Update 17 "{26A24AE4-039D-4CA4-87B4-2F83216014F0}" = Java 6 Update 14 "{278FDAF8-DEB0-4EBC-8192-E101A4835A3C}" = Totally Spies, Attaque des zombies "{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2 "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1 "{2C3CE8F0-F4AD-4D54-A520-975309C617E2}" = LG PC Suite III "{2E73FAB9-7713-D109-24DB-28339CB7A3CC}" = Catalyst Control Center Localization Norwegian "{30517D85-B2C9-5920-77B2-6034DDC90B7C}" = CCC Help Czech "{31A57C3E-30DD-421F-B5C7-974DACB0D05F}" = Canon Camera WIA Driver "{3248F0A8-6813-11D6-A77B-00B0D0150010}" = J2SE Runtime Environment 5.0 Update 1 "{3248F0A8-6813-11D6-A77B-00B0D0150050}" = J2SE Runtime Environment 5.0 Update 5 "{3248F0A8-6813-11D6-A77B-00B0D0150090}" = J2SE Runtime Environment 5.0 Update 9 "{3248F0A8-6813-11D6-A77B-00B0D0150100}" = J2SE Runtime Environment 5.0 Update 10 "{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java 6 Update 2 "{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java 6 Update 3 "{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java 6 Update 5 "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java 6 Update 7 "{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{35A6DE92-DE2E-9FBB-C919-B9CA5079116D}" = Catalyst Control Center Localization Turkish "{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder "{39C1585C-1004-5091-180A-5AFCA3D505C2}" = Catalyst Control Center Localization Thai "{3C6BD212-5680-4758-83ED-21171BCCBEB7}" = ASIX AX88772 WinXP_2K 32Bit Driver "{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}" = ATI HYDRAVISION "{41269776-CF11-AADD-A1A9-6E1701877F88}" = CCC Help Norwegian "{455B46A4-17C2-DDDA-F695-7F157E2C6160}" = Catalyst Control Center Localization Danish "{462E5968-A02C-4C0A-9F74-1C4DA758CD80}" = sTabLauncher "{4E10FFCA-5C09-6E8E-4DA4-B71FFC58C435}" = CCC Help Korean 
"{4E568350-98BF-A31B-4E90-B23428023916}" = Catalyst Control Center Localization Spanish "{53735ECE-E461-4FD0-B742-23A352436D3A}" = Logitech Updater "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{5827D56B-9A4D-6858-95C9-28B2D46F56EB}" = CCC Help German "{5954C9DD-80C5-27FB-67FA-1DF0B5E2565A}" = Catalyst Control Center Localization Portuguese "{5B6844F3-8C27-C589-E519-9AAE0AC87407}" = CCC Help Dutch "{5DA6F06A-B389-407B-BF8C-1548767914D8}" = ATI Problem Report Wizard "{5DC1DF0D-8B08-30D9-5F5F-857ADC69201A}" = Catalyst Control Center Graphics Full New "{5DDBDE45-EB70-DC65-6D06-6D25906E7797}" = CCC Help Japanese "{5E075172-D826-3CFC-51F4-C9E6CF6D0690}" = CCC Help Spanish "{618EB4D7-7D67-9126-7D63-CA39F93673DE}" = Catalyst Control Center Graphics Previews Common "{67F5A666-181F-8AA1-0D4E-BAD64AD43B42}" = CCC Help Chinese Standard "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD "{69640730-B830-4C24-BB5C-222DA1260548}" = Turbo Lister 2 "{69FB4970-45D2-1EA4-F131-A95EB60FFDDF}" = CCC Help Italian "{6A053172-1F36-0307-4CA0-6AA9317EBCC1}" = CCC Help Turkish "{6B6F61D0-BBD0-E91F-8639-6EF30206ABD2}" = Catalyst Control Center Localization Japanese "{71389CB1-6B6D-6FC2-0B74-0357D1ADC41E}" = CCC Help Finnish "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{736D005A-96E3-3B70-836C-14C80A137862}" = CCC Help French "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime "{77FA0593-9D54-4CB0-9FE0-18D6EC218841}" = Barbie au Bal des 12 princesses "{8124C5F0-D59A-DEFE-C3F7-02697D9BE53E}" = CCC Help Thai "{82357963-7536-629A-F921-A3E72A5E124C}" = Catalyst Control Center Localization Korean "{83F3EED2-DDE2-4434-8FBE-9D2A1E7C2BC9}" = Hama CardReader "{8625D3E5-2159-3FA4-3A74-AB306360E63E}" = Catalyst Control Center Localization Russian "{887EF08A-011E-477C-B6CB-01E540538ADB}" = Rep-Listing 
"{888FAC3D-87CB-AB4C-EC2C-D17E0C4418E7}" = Catalyst Control Center Localization French "{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}" = ATI AVIVO Codecs "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{89FF3A82-A88F-4035-9E95-6E03B7BA9D9B}" = Catalyst Control Center Localization Swedish "{8E5EDE0A-6B13-A0E2-7F00-5C2660C9F771}" = Catalyst Control Center Localization Hungarian "{8EE7E7B0-CEA9-E3FD-A63F-B27F49E9EC42}" = CCC Help Portuguese "{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007 "{9111040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{9418FEE4-28B4-96FD-C398-42654B956376}" = Skins "{945AC98B-3DC8-45BE-BAE0-22CEEE37A103}" = Logitech QuickCam "{94AF0F78-E983-BD4B-1A26-80F2FBD5487C}" = Catalyst Control Center Localization Czech "{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver "{967FB80D-56BD-42EF-A942-9E8C78F984A4}" = Saitek SST Programming Software "{9749C770-90C4-EE5A-D3BB-287F53622104}" = Catalyst Control Center Core Implementation "{99FC30C1-60A7-205F-1A00-367506E756F2}" = Catalyst Control Center Localization Greek "{9F36EDCC-81A8-5D37-9EB1-8BF6D96CAA23}" = Catalyst Control Center Localization Finnish "{A0100CB5-E6CE-F516-59C1-28CF0195A875}" = ccc-core-preinstall "{A29EA741-24F7-4C07-9B2C-06CB6491BE4A}" = Camera Window "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A336E48B-A46E-81B5-936E-5A9A8D7FE3D8}" = CCC Help Hungarian "{A4CCE9FD-4A40-5669-97B3-262672CD6C38}" = CCC Help Greek "{AB3F9E62-1C4A-45DA-96E4-BFEB26C73F18}" = SPIF205 USB to ATA Bridge 98 Driver Installer "{AC76BA86-7AD7-1036-7B44-A94000000001}" = Adobe Reader 9.4.1 - Français "{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint "{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0 "{B325EFE1-1301-5BC4-8788-B1C7D3702ED1}" = CCC Help Polish "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot 
- Search & Destroy "{B4FEA924-630D-11D4-B78E-005004566E4D}" = ViewSonic Monitor Drivers "{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C0E18DC4-C74A-4889-AE3A-933471023787}" = LG PC Suite III "{C8430789-D948-0314-C36B-A7D78AB67013}" = ccc-core-static "{CB2FFEB2-AC62-8DE2-8806-7C263437F132}" = CCC Help English "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CE84C180-E0A7-4B64-A661-4C397E11F03E}" = NDAS Software 3.30.1602-r11613 "{D0F69BED-0B44-8D65-5834-6A74D8F83805}" = Catalyst Control Center Localization Chinese Traditional "{DD45D741-53D9-80CF-D097-31131DD9C0B0}" = CCC Help Chinese Traditional "{DE5730BC-81FB-633F-039D-5D8C8F787EDF}" = Catalyst Control Center Localization German "{E5FEB4A0-1480-F22B-9822-B56BA6172421}" = ccc-utility "{EDE721EC-870A-11D8-9D75-000129760D75}" = PowerDirector Express "{EFF1802C-C1F1-03EC-F3E0-51048DF0009F}" = Catalyst Control Center Localization Italian "{F11A403B-0DE9-4953-B790-7A2F014FBB2B}" = PhotoStitch "{F9C22FF2-639F-1016-7926-9A1B06CDD516}" = Catalyst Control Center Localization Polish "{FA02ACAC-9E14-4878-A257-92A22A647C2C}" = LG USB Modem Drivers "{FA3A247D-437A-455E-A88F-7EB6E5F9E799}" = Catalyst Control Center - Branding "{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio "7-Zip" = 7-Zip 4.65 "8461-7759-5462-8226" = Vuze "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Photoshop Elements 2.0" = Adobe Photoshop Elements 2.0 "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "All ATI Software" = ATI - Utilitaire de désinstallation du logiciel "Ant Renamer 2_is1" = Ant Renamer "Anti-Twin 2007-10-25 21.57.33" = Anti-Twin (Installation 03.01.2010) "ATI Display Driver" = ATI Display Driver "Audacity_is1" = Audacity 1.2.3 "avast5" = avast! 
Free Antivirus "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "AviSynth" = AviSynth 2.5 "Barbie dans Coeur de Princesse" = Barbie dans Coeur de Princesse "CB1300SF" = CB1300SF????????? "CCleaner" = CCleaner (remove only) "CdaC13Ba" = SafeCast Shared Components "Converio_is1" = Converio "CoreWavPack DirectShow Filters" = CoreWavPack DirectShow Filters (remove only) "coverJuke_is1" = coverJuke v1.56 "CPUID CPU-Z_is1" = CPUID CPU-Z 1.52.2 "drmtool.inf" = Personal License Update Wizard for Windows Media Player "DVD Decrypter 3.5.1.1 Fr" = DVD Decrypter 3.5.1.1 Fr "DVD Shrink_is1" = DVD Shrink 3.2 "Easy TM Forever" = Easy TM Forever 3.0.3 "Emsisoft Anti-Malware_is1" = Emsisoft Anti-Malware 5.0 "FormatFactory" = FormatFactory 2.20 "Free MP3 Sound Recorder_is1" = Free MP3 Sound Recorder v1.9 "GestionnaireInternet.exe" = Gestionnaire Internet "HijackThis" = HijackThis 2.0.2 "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie7" = Windows Internet Explorer 7 "ie8" = Windows Internet Explorer 8 "InCD!UninstallKey" = InCD "Indeo® software" = Indeo® software "InstallShield_{31A57C3E-30DD-421F-B5C7-974DACB0D05F}" = Canon EOS Kiss REBEL 300D Pilote WIA "InstallShield_{3C6BD212-5680-4758-83ED-21171BCCBEB7}" = ASIX AX88772 WinXP_2K 32Bit Driver "InstallShield_{69640730-B830-4C24-BB5C-222DA1260548}" = Turbo Lister 2 "InstallShield_{A29EA741-24F7-4C07-9B2C-06CB6491BE4A}" = Canon Camera Window for ZoomBrowser EX "InstallShield_{F11A403B-0DE9-4953-B790-7A2F014FBB2B}" = Canon Utilities PhotoStitch 3.1 "IsoBuster_is1" = IsoBuster 2.2 "KLiteCodecPack_is1" = K-Lite Mega Codec Pack 2.01 "LeechFTP" = LeechFTP "legacyqcam_10.50" = Coffret de pilotes Logitech Legacy USB Camera "Lexmark 4800 Series" = Lexmark 4800 Series "lvdrivers_11.50" = Coffret de pilotes Logitech QuickCam "Macromedia Dreamweaver 3 Fr" = Macromedia Dreamweaver 3 Fr "MailNavigator v.1.11" = MailNavigator v.1.11 "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware 
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "MigrationAnalyzer" = MigrationAnalyzer "Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13) "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "Nero - Burning Rom!UninstallKey" = Nero OEM "NeroVision!UninstallKey" = NeroVision Express 2 SE "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "OpenAL" = OpenAL "PhotoFiltre" = PhotoFiltre "Picasa 3" = Picasa 3 "QuickTime" = QuickTime "RADVideo" = RAD Video Tools "RealPlayer 12.0" = RealPlayer "Sandlot Games Client Services_is1" = Sandlot Games Client Services "SopCast" = SopCast 3.2.9 "Synchronizer" = Synchronizer "TeamViewer 4" = TeamViewer 4 "TmNationsForever_is1" = TmNationsForever_Fix_2009_10_09 "TMShootBox" = TMShootBox v1.2 "TmUnitedForever - UVME_is1" = TmUnitedForever - UVME v3.0 "TmUnitedForever_is1" = TmUnitedForever Update 2010-03-15 "Veetle TV" = Veetle TV 0.9.18 "ViewpointMediaPlayer" = Viewpoint Media Player "WIC" = Windows Imaging Component "WinAce Archiver" = WinAce Archiver "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Lecteur Windows Media 11 "Windows XP Service" = Windows XP Service Pack 3 "WinKey" = WinKey "winscp3_is1" = WinSCP 4.0.6 "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 "XP Codec Pack" = XP Codec Pack ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-1935655697-484061587-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Mmm" = Mmm ========== Last 10 Event Log Errors ========== [ Antivirus Events ] Error - 07/11/2009 15:54:34 | Computer Name = SALON | Source = avast! | ID = 33554522 Description = Error - 08/11/2009 15:06:03 | Computer Name = SALON | Source = avast! | ID = 33554522 Description = Error - 14/11/2009 16:34:16 | Computer Name = SALON | Source = avast! 
| ID = 33554522 Description = Error - 14/11/2009 16:59:18 | Computer Name = SALON | Source = avast! | ID = 33554522 Description = Error - 14/11/2009 16:59:18 | Computer Name = SALON | Source = avast! | ID = 33554522 Description = Error - 14/11/2009 16:59:18 | Computer Name = SALON | Source = avast! | ID = 33554522 Description = Error - 14/11/2009 16:59:18 | Computer Name = SALON | Source = avast! | ID = 33554522 Description = Error - 14/11/2009 16:59:18 | Computer Name = SALON | Source = avast! | ID = 33554522 Description = Error - 14/11/2009 16:59:18 | Computer Name = SALON | Source = avast! | ID = 33554522 Description = Error - 11/02/2010 14:17:09 | Computer Name = SALON | Source = avast! | ID = 33554522 Description = [ Application Events ] Error - 05/12/2006 19:08:14 | Computer Name = PC1 | Source = Application Error | ID = 1000 Description = Application défaillante yahoomessenger.exe, version 7.5.0.819, module défaillant unknown, version 0.0.0.0, adresse de défaillance 0x051c2d70. Error - 08/12/2006 09:56:35 | Computer Name = PC1 | Source = Application Hang | ID = 1002 Description = Application bloquée wmplayer.exe, version 10.0.0.3802, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000. Error - 08/12/2006 11:05:57 | Computer Name = PC1 | Source = Application Hang | ID = 1002 Description = Application bloquée nero.exe, version 6.6.0.3, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000. Error - 14/12/2006 17:25:48 | Computer Name = PC1 | Source = Application Hang | ID = 1002 Description = Application bloquée msimn.exe, version 6.0.2900.2180, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000. Error - 14/12/2006 17:55:41 | Computer Name = PC1 | Source = Application Hang | ID = 1002 Description = Application bloquée msimn.exe, version 6.0.2900.2180, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000. 
Error - 14/12/2006 17:57:24 | Computer Name = PC1 | Source = Application Hang | ID = 1002 Description = Application bloquée msimn.exe, version 6.0.2900.2180, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000. Error - 14/12/2006 18:17:00 | Computer Name = PC1 | Source = ESENT | ID = 494 Description = wuauclt (3096) La récupération de la base de données a échoué en raison de l'erreur -1216 car elle a rencontré des références à une base de données, 'C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb', qui n'est plus présente. La base de données ne présentait pas un état cohérent avant d'être supprimée (ou déplacée et renommée). Le moteur de base de données ne permettra pas d'effectuer la récupération pour cette instance tant que la base de données manquante ne sera pas réinstallée. Si la base de données n'est plus disponible ni nécessaire, contactez le Support technique pour obtenir des instructions concernant les étapes à suivre pour permettre la récupération sans cette base de données. Error - 14/12/2006 18:17:00 | Computer Name = PC1 | Source = ESENT | ID = 454 Description = wuauclt (3096) La récupération/restauration de la base de données a échoué en raison d'une erreur inattendue -1216. Error - 14/12/2006 18:37:48 | Computer Name = PC1 | Source = Application Hang | ID = 1002 Description = Application bloquée msimn.exe, version 6.0.2900.2180, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000. Error - 14/12/2006 18:39:12 | Computer Name = PC1 | Source = Application Hang | ID = 1001 Description = Détecteur d'erreurs 126906962. [ System Events ] Error - 15/09/2006 13:32:19 | Computer Name = PC1 | Source = IPRIP | ID = 29053 Description = IPRIP n'a pas pu joindre le groupe multidiffusion 224.0.0.9 sur l'interface locale avec l'adresse IP 169.254.253.190. Les données sont dans le code d'erreur. 
Error - 24/09/2006 08:10:29 | Computer Name = PC1 | Source = Dhcp | ID = 1001 Description = Le réseau n'a attribué aucune adresse à votre ordinateur (par le serveur DHCP) pour la carte réseau avec l'adresse réseau 6216A399E163. Il s'est produit l'erreur suivante : %%121. Votre ordinateur va continuer à essayer d'obtenir sa propre adresse auprès du serveur d'adresse réseau (DHCP). Error - 24/09/2006 08:15:07 | Computer Name = PC1 | Source = IPRIP | ID = 29053 Description = IPRIP n'a pas pu joindre le groupe multidiffusion 224.0.0.9 sur l'interface locale avec l'adresse IP 169.254.253.190. Les données sont dans le code d'erreur. Error - 24/09/2006 11:43:09 | Computer Name = PC1 | Source = IPRIP | ID = 29053 Description = IPRIP n'a pas pu joindre le groupe multidiffusion 224.0.0.9 sur l'interface locale avec l'adresse IP 169.254.253.190. Les données sont dans le code d'erreur. Error - 24/09/2006 12:01:33 | Computer Name = PC1 | Source = IPRIP | ID = 29053 Description = IPRIP n'a pas pu joindre le groupe multidiffusion 224.0.0.9 sur l'interface locale avec l'adresse IP 169.254.253.190. Les données sont dans le code d'erreur. Error - 24/09/2006 12:02:58 | Computer Name = PC1 | Source = IPRIP | ID = 29053 Description = IPRIP n'a pas pu joindre le groupe multidiffusion 224.0.0.9 sur l'interface locale avec l'adresse IP 169.254.253.190. Les données sont dans le code d'erreur. Error - 24/09/2006 12:08:44 | Computer Name = PC1 | Source = IPRIP | ID = 29053 Description = IPRIP n'a pas pu joindre le groupe multidiffusion 224.0.0.9 sur l'interface locale avec l'adresse IP 169.254.253.190. Les données sont dans le code d'erreur. Error - 24/09/2006 12:08:44 | Computer Name = PC1 | Source = ipnathlp | ID = 32003 Description = Le traducteur d'adresses réseau (NAT) n'a pas pu demander une opération du module de traduction en mode noyau. Ceci peut indiquer une configuration incorrecte, des ressources insuffisantes ou une erreur interne. La donnée est le code de l'erreur. 
Error - 13/10/2006 11:25:42 | Computer Name = PC1 | Source = Service Control Manager | ID = 7024 Description = Le service Symantec Network Proxy s'est arrêté avec l'erreur service particulière 4294967295 (0xFFFFFFFF). Error - 13/10/2006 11:32:09 | Computer Name = PC1 | Source = Service Control Manager | ID = 7024 Description = Le service Symantec Network Proxy s'est arrêté avec l'erreur service particulière 4294967295 (0xFFFFFFFF). < End of report >
  23. Good evening, for some time now advertising pages have been opening by themselves. They are labelled "kdo.com" and "100%gratuit". They open on their own (even with the computer in sleep mode all night). I stopped AVAST and installed ANTIVIR: nothing found. Here is the HIJACKTHIS report:
  ---------------------------------------------------- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:34:00, on 11/01/2011 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\windows\System32\smss.exe C:\windows\system32\winlogon.exe C:\windows\system32\services.exe C:\windows\system32\lsass.exe C:\Program Files\Emsisoft Anti-Malware\a2service.exe C:\windows\system32\Ati2evxx.exe C:\windows\system32\svchost.exe C:\windows\System32\svchost.exe C:\windows\system32\Ati2evxx.exe C:\windows\system32\svchost.exe C:\Program Files\Alwil Software\Avast5\AvastSvc.exe C:\windows\system32\spoolsv.exe C:\WINDOWS\system32\drivers\CDAC11BA.EXE C:\WINDOWS\System32\FTRTSVC.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe C:\windows\system32\lxdecoms.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\NDAS\System\ndassvc.exe C:\windows\BackupIP\service.exe C:\windows\Explorer.EXE C:\windows\System32\svchost.exe C:\Program Files\Alwil Software\Avast5\avastUI.exe C:\program files\real\realplayer\update\realsched.exe C:\windows\Dit.exe C:\Program Files\HACE\Mmm\Mmm.exe C:\windows\system32\ctfmon.exe C:\Program Files\sTabLauncher\sTabLauncher.exe C:\Program Files\cacaoweb\cacaoweb.exe C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe C:\PROGRA~1\Wanadoo\ComComp.exe C:\PROGRA~1\Wanadoo\Toaster.exe C:\PROGRA~1\Wanadoo\Inactivity.exe C:\PROGRA~1\Wanadoo\PollingModule.exe C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe C:\PROGRA~1\Wanadoo\Watch.exe C:\Program Files\Mozilla Firefox\firefox.exe 
C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Documents and Settings\franhemapau\Mes documents\Téléchargements\avira_antivir_personal_free(2).exe C:\DOCUME~1\FRANHE~1\LOCALS~1\Temp\RarSFX0\presetup.exe C:\DOCUME~1\FRANHE~1\LOCALS~1\Temp\RarSFX0\setup.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Avira\AntiVir Desktop\avshadow.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Avira\AntiVir Desktop\avconfig.exe C:\Program Files\Avira\AntiVir Desktop\avcenter.exe c:\program files\avira\antivir desktop\avscan.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program 
Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\program files\real\realplayer\update\realsched.exe" -osboot O4 - HKLM\..\Run: [a-squared] "C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2guard.exe" /d=60 O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKCU\..\Run: [Mmm] "C:\Program Files\HACE\Mmm\Mmm.exe" O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe O4 - HKCU\..\Run: [sTabLauncher] C:\Program Files\sTabLauncher\sTabLauncher.exe O4 - HKCU\..\Run: [cacaoweb] "C:\Program Files\cacaoweb\cacaoweb.exe" -noplayer O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Fichiers communs\logishrd\WUApp32.exe -v 0x046d -p 0x08d9 -f video -m logitech -d 11.80.1048.0 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Fichiers communs\logishrd\WUApp32.exe -v 0x046d -p 0x08d9 -f video -m logitech -d 11.80.1048.0 (User 'Default user') O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra 
context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Ouvrir le cadre dans une nouvelle fenêtre - C:\WINDOWS\web\OpenFrame.htm O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.com/s/v/25.20/uploader2.cab O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.mypix.com/fr/fr/fw_model/domain/library/aurigma/ImageUploader5.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - 
http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1155907452812 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553542500} - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://www.mypix.fr/fr/fr/importer/ImageUploader4.cab O23 - Service: Emsisoft Anti-Malware 5.0 - Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\Emsisoft Anti-Malware\a2service.exe O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\windows\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LVCOMSer - Logitech Inc. 
- C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe O23 - Service: lxdeCATSCustConnectService - Lexmark International, Inc. - C:\windows\System32\spool\DRIVERS\W32X86\3\\lxdeserv.exe O23 - Service: lxde_device - - C:\windows\system32\lxdecoms.exe O23 - Service: NDAS Service (ndassvc) - XIMETA, Inc. - C:\Program Files\NDAS\System\ndassvc.exe O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe (file missing) O23 - Service: Backup IP Network (sdmBackupIP) - Unknown owner - C:\windows\BackupIP\service.exe -- End of file - 10564 bytes
  Thanks in advance to you all!